Our  picks  offer  products  and  services 
that  involve  everything  from  video  sur¬ 
veillance  to  application  whitelisting  to 
malware  blocking.  Page  20. 


8  signs  of  life  in  the  tech  economy 

Despite  all  the  bailouts  and  layoffs,  IT  industry  experts 
are  predicting  that  sales  of  computer  hardware,  soft¬ 
ware  and  services  will  resume  healthy 
growth  within  18  months.  Page  26. 


committed  to 
marriage 

Nortel’s  rocky  finan¬ 
cial  situation  likely 
won’t  have  much 
short-term  impact  on 
the  company’s  unified 
communications 
alliance  with 
Microsoft.  But  the 
future  is  cloudy. 

Page  14. 


Software-based  NAC 
leaps  hurdles 

Despite  some  short¬ 
comings,  software- 
based  network 
access  control  tech¬ 
nology  is  often  the 
first  choice  of  cus¬ 
tomers  who  adopt  the 
technology.  Page  16. 


Firms  pony  up 
to  managed  LAN 
services 

Convergence  rather 
than  economics  drives 
use  of  managed  LAN 
services.  Page  18. 


Can  unified 
communications 
save  the  day? 

Word  at  VoiceCon 
is  that  unified  com¬ 
munications  is  key  to 
thriving  during  a  bad 
economy.  Page  24. 


Lotus  chief 
discusses 
complex 
battle  plan 

BY  JOHN  FONTANA 

Integration  of  Notes-based  col¬ 
laboration,  new  unified  commu¬ 
nications  tools,  content  manage¬ 
ment  and  Web-based  services 
and  the  potential  to  mash  that 
all  together  with  new-fangled 
development  tools  and  social¬ 
networking  innovations  pouring 
out  of  IBM’s  research  labs  is  just 
one  of  the  major  challenges  fac¬ 
ing  IBM’s  Lotus  Software  division 
chief,  Bob  Picciano. 

Seven  months  into  his  new 
job,  the  21-year  IBM  veteran,  who 
started  in  research  and  spent 
time  as  a  technical  assistant  to 
former  CEO  Lou  Gerstner,  will 
take  his  integration  pitch  to  the 
people  in  January  when  he 
stands  up  for  the  first  time  at 
Lotusphere  as  the  leader  of 
IBM’s  Lotus  software  division.  In 
a  year  with  no  new  major  Notes 
release  to  show  off,  Picciano 
needs  to  sell  users  on  integrating 
pieces  of  the  Lotus  portfolio  and 
catching  the  Web  and  Enterprise 
2.0  wave. 

“It  seems  like  this  is  one  of 
those  occasions  where  things 
are  finally  coming  together. We 
are  the  collaboration  innovator 

See  Lotus,  page  46 


Cisco’s  security  role 
faces  new  challenges 


Latest  tests  raise 
doubts  about  Cisco 
software  modules 

BY  ELLEN  MESSMER 

Cisco’s  the  king  of  network  security  com¬ 
manding  almost  a  quarter  share  of  the 
worldwide  $6.8  billion  market,  according 
to  IDC.  But  can  it  hold  the  fort? 

Tops  in  selling  firewalls,  VPNs,  intrusion- 
prevention  systems  (IPS)  and  unified 
threat  management  (UTM)  gear,  Cisco 
nonetheless  fights  an  ongoing  battle  to  be 
recognized  as  best-of-breed  as  it  jousts 
against  Juniper  and  a  host  of  pure-play 
security  vendors,  including  Fortinet, 
McAfee  and  TippingPoint. 

Complicating  matters  is  the  fact  that 
Cisco  sells  a  substantial  portion  of  its  secu¬ 
rity  wares  not  as  purpose-built  stand-alone 
gear, such  as  appliances,  but  as  software  in¬ 
tegrated-services  modules  that  are  in¬ 
stalled  inside  Cisco  routers  and  switches. 

While  all  customer  networks  have  differ¬ 
ent  traffic  patterns,  there’s  growing  doubt 
about  how  well  these  firewall, VPN  and  IPS 
modules  hold  up  trying  to  handle  process¬ 
intensive  security  functions. 


“It  presents  a  tremendous  bottleneck,” 
says  Vik  Phatak,  chair  and  CEO  of  NSS 
Labs,  which  has  just  completed  an  exten¬ 
sive  round  of  tests  of  security  gear,  includ¬ 
ing  that  from  Cisco,  Juniper,  IBM,  McAfee, 

See  Cisco,  page  48 
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Client-side  Wi-Fi 
discovery  tools  aid 
in  WLAN  management 
tasks.  Page  40 
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PassMark  s  WirelessMon  provides 
IT  the  best  window  into  client  connections 
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Credit  Card  Numbers  Stolen  from  TJX 


Trojan  horse 
captures  data  on 
2,300  Oregon 
taxpayers  *sc 
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THINK  AGAIN. 


*The  U.S.  Department  of  Justice  reports  that  data-stealing  malware 
is  on  the  rise.  That's  because  it's  smarter,  faster  and  more  advanced 
then  ever.  It’s  infiltrating  the  most  secure  enterprises  and  yours  could 
be  next.  But  with  Trend  Micro™  Enterprise  Security,  powered  by  the 
Trend  Micro  Smart  Protection  Network,  you'll  be  ready.  This  unigue 
combination  of  solutions  and  services  is  the  next-generation, 
cloud-client  security  infrastructure  that  blocks  the  most  sophisticated 
threats-before  they  reach  your  network.  Download  our  eBook  and 
learn  how  easily  Web  threats  like  data-stealing  malware  can  evade 
your  current  security  solution  and  what  you  can  do  about  it. 

►  Download  our  Outthink  the  Threat  eBook  and  register  for  a  free, 
onsite  risk  assessment  now  at  trendmicro.com/thinkagain. 
Or  contact  us  for  more  information  at  877-21-TREND  EXT.  53 

trend 

"  MICRO 


Securing  Your  Web  World 


.  OF  BUSINESSES 

ARE  HIT  BY  CYBERCRIME! 

Think  your  data  isn’t  as  attractive  as  theirs? 
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■  The  BlackBerry  Bold  9000  supports 
HSDPA  high-speed  networks  for  faster 
downloads.  See  Cool  Tools,  page  38. 
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CLEAR  CHOICE 


WLAN  MANAGEMENT 


Client-side 
discovery  tools 
aid  in  WLAN 


***** 


PassMark  s  Wire  1  essMon 
provides  best  IT  window 
into  client  connections. 

Test  of  nine  software  packages  shows  a  variety  of 
capabilities  in  terms  of  discovering  Wi-Fi  networks 
and  connecting  to  them.  Page  40 
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GOODBADUGLY 

Goodbye  ISP,  goodbye  spam 

An  ISP  suspected  of  aiding  cybercrimi¬ 
nals  in  online  scams  and  hosting  child 
pornography  was  at  least  partially  cut 
off  from  the  Internet  last  week.The  ISP, 
McColo,  had  been  under  the  watchful 
eye  of  computer  security  analysts  for 
years.  It  is  one  of  a  handful  of  so-called 
"bulletproof”  hosting  providers  that 
provide  safe  haven  online  for  cyber¬ 
criminals  selling  Viagra  and  fake  securi¬ 
ty  software,  and  security  watchers  say 
spam  volumes  fell  precipitously  in  the 
wake  of  the  McColo  disconnect. 

Data  breach  extortionist 
forces  bold  move 

Express  Scripts,  the  phar¬ 
macy  benefits  man¬ 
agement  company 
which  recently  dis¬ 
closed  an  extortion¬ 
ist  is  demanding 
money  by  threatening  to 
expose  millions  of  patient  records  the 
company  holds,  says  it  has  decided  to 
offer  $1  million  to  nab  the  perpetrator. 
“We’re  going  on  the  offense  with  this 
reward,"  a  company  spokesman  says. 

Big  layoffs  at  BT 

British  telecom  operator  BT  Group  will 
lay  off  10,000  workers  as  it  seeks  to  cut 
costs  and  improve  profitability  of  its 
services  branch,  the  company  said  last 
week.  Most  of  the  cuts  will  come  from 
indirect  labor,  such  as  subcontractors 
and  offshore  workers.  BT  has  already 
let  go  4,000  workers  and  the  remaining 
6,000  cuts  will  be  complete  by  the  end 
of  its  financial  year  on  March  31. 

P«LI. 

A  snapshot  of  how  networkworid.com 
visitors  voted  on  a  key  networking  issue 
last  week: 

Which  broadband  wireless  technology 
do  you  prefer? 


GSM 

HSPA 

19% 


Wi-Fi 

33% 


Total  voters  for  this  poll:  113 

Vote  and  discuss:  www.nwdocfmder  corr  7535 


PEERSAY 


Not  all  Nigerians  are 
spammers 

Re:  Facebook  hit  by  Nigerian  419  scam 
(www.nwdocfinder.com/7522): 

It  is  true  there  are  many  scammers  using 
social  online-networking  sites  to  defraud 
people.  In  Nigeria,  I  have  seen  many  guys 
whose  occupation  is  to  stay  in  a  cyber  cafe 
writing  mails  and  love  letters,  posing  as  girls, 
to  men  on  social-networking  sites.  Some 
men  are  gullible;  they  end  up  sending 
money  to  guys  thinking  they  are  girls. 

However,  it  is  wrong  to  assume  that  all 
Nigerians  who  make  use  of  the  Internet  are  a 
fraud.  For  instance, 
there  are  many  peo¬ 
ple  like  myself  who 
abhor  these  fraudu¬ 
lent  tendencies.  There 
are  many  honest  and 
hard-working  Nige¬ 
rians  who  mean  no 
harm  to  people.  Also, 
some  guys  who  are 
not  Nigerians  tend  to 
claim  they  are,  just 
when  the  bubble  had 
burst. 

So,  there  are  many  online  scammers  out 
there  who  are  not  Nigerians.  So  be  careful, 
whoever  you  meet  online  you  are  dealing 
with. 

PaulArhewe 
Lagos,  Nigeria 

Discuss  at  www.nwdocfinder.com/7523 


viable  market?  I  think  that  this  is  an  imma¬ 
ture  model  at  this  point  that  has  little  adop¬ 
tion  outside  the  enterprise;  however,  the 
desire  of  these  SaaS  models  is  driving  these 
areas  to  maturity.  In  other  words,  companies 
are  seeing  the  buzz  and  looking  forward  to 
its  adoption;  but  the  negative  side  of  this 
has  always  been,  wait  until  the  next  service 
level  before  adoption  so  that  ROI  adds 
value,  instead  of  investing  time  and  money 
in  it  upfront. 

3.  How  does  Microsoft  intend  to  deal  with 
the  negative  corporate  and  public  adoption 
model  from  a  marketing  platform?  I  believe 
that  these  areas  of  focus  may  be  the  largest 

stumbling  blocks  to 
the  next  version  of 
Windows. 

4.  What  will  SaaS 
become  with  Win¬ 
dows  7?  Part  of  the 
operating  system? 
How  can  that  model 
become  more  se¬ 
cure  when  such  vast 
differences  in  the 
world  allow  for  secu¬ 
rity  holes  that  inter¬ 
face  with  these  open 
APIs?  Is  that  a  more  secure  model?  I  think 
common  sense  may  dictate  it  opens  more 
security  issues  than  previously  thought. 

James  Fox 

Discuss  at  www.nwdocfinder.com/7525 

A  federal  CTO? 


*fiSo,  what’s  the  purpose  of 
the  purported  federal  CTO? 

Is  this  someone  to  lay  out 
design  for  the  future  of  gov¬ 
ernment  technology,  or 
someone  to  tell  us  what  the 
Internet  will  and  won’t  do?55 


Cloudy  questions 

Re:  Ray  Ozzie  steers  Microsoft  into  the  cloud 
(www.nwdocfinder.com/7524): 

This  article  has  inspired  many  questions  I 
think  need  to  be  answered: 

1 .  Will  the  SaaS  model  become  part  of  this 
seamless  integration  with  the  Web?  If  so, 
how  have  Web-delivered  applications’  mod¬ 
els  addressed  operations  models  for  support 
and  delivery  functions? 

2.  Has  the  industry  matured  enough  in 
these  areas  to  begin  to  model  the  leaders  of 
these  types  of  technologies  so  that  it  is  a 


►  SPECIAL  NETWORK  WORLD  FEATURE 


SCAN  THIS  CODE 
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phone  to  get  the 
latest  IT  network 
news  delivered  to 
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device. 
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software,  use  your  phone  browser  to 
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For  more  information  on  code  scanning 
see  www.nww.com/codescan 


Re:  The  Internet  and  Obama  (www.nwdoc 
finder.com/7526): 

So,  what’s  the  purpose  of  the  purported  fed¬ 
eral  CTO?  Is  this  someone  to  lay  out  design 
for  the  future  of  government  technology,  or 
someone  to  tell  us  what  the  Internet  will  and 
won’t  do? 

If  the  former,  well,  someone  like  Vint  Cerf 
would  be  great  —  if  he  can  overcome  the 
unions  and  civil-service  system.  I  work  with 
senior  engineers  in  government  service  who 
can’t  explain  the  difference  between  a  /24 
and  a  /25,  nor  do  they  know  the  dotted-deci¬ 
mal  expression  of  either.  These  are  the  people 
who  will  implement  Cerf’s  direction  —  or  sit 
around  and  watch  (and  get  paid)  while  con¬ 
tractors  do  it. 

If  the  latter,  look  no  further  than  Detroit  to 
see  what  happens  when  business,  labor  and 
government  get  together  to  establish  a 
future  direction  a  la  CAFE  [fuel-economy 
standards] .  Who  knows  what  kind  of  com¬ 
promise  would  come  out  of  the  marble 
halls  of  Washington? 

Kelly  McGrew 

Discuss  at  www.nwdocfinder.com/7526 
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to  John  Dix,  editor  in  chief,  Network  World,  492 
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IT  drives  your  business.  So  naturally,  it  consumes  your  thoughts.  Customers,  on  the  other  hand,  shouldn’t  need  to 
think  about  it  at  all.  They  just  expect  great  service.  Our  approach  to  Business  Service  Management  helps  ensure  they 
get  it,  by  managing  IT  services  based  on  their  impact  to  your  business.  That  way,  with  your  service  commitments 
fully  in  sync  with  your  business  demands,  you'll  be  able  to  give  your  customers  that  most  coveted  and  elusive  of  all 
service  experiences:  complete  satisfaction.  Of  course,  we'll  know  the  source  of  that  satisfaction  is  really  your  very 
own  IT  department.  Learn  more  and  get  the  latest  white  papers  at  ca.com/bsm. 


CA  World  2008:  November  16-20 
Register  at  caworld.com 
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■  Revamped  certification  —  Security*. 

Microsoft  Subnet  blogger  Randy  Muller 
writes  in  his  All  about  Microsoft 
Certifications  blog:  "Just  as  society  and  the 
people  within  a  society  evolve,  so  does  the  IT 
field  —  I  know,  a  truly  remarkable  observa¬ 
tion —  bear  with  me  though  as  I  expand  upon 
this  theme.  As  anyone  who  has  been  in  the  IT 
field  any  length  of  time  is  more  than  aware, 
our  environments  can  change  rapidly  based 
on  new  technologies,  new  concepts  and  even 
new  legal  requirements.  The  same  holds  true 
with  IT  certifications  as  well." 
www.nwdocfinder.com/7531 

■  Motorola’s  TEAM:  push-to-talk  every¬ 
where.  Craig  Mathias  writes  in  his 
Nearpoints  blog:  "Motorola  this  week 
announced  the  first  elements  of  its  Total 
Enterprise  Access  and  Mobility  (TEAM) 
integrated  voice  and  data  portfolio,  those 
being  management  and  applications  servers 
for  its  (and,  really,  anyone  else’s)  wireless- 
LAN  system,  some  very  nice  Windows 
Mobile  6.1-based  Wi-Fi  handsets,  and  asso¬ 
ciated  software.  Voice  is  well  on  its  way  to 
becoming  a  standard  feature  on  essentially 
all  enterprise-class  wireless  LAN  systems 
going  forward;  it’s  already  a  key  driver  of  the 
network  planning  process  in  many  enter¬ 
prises  around  the  globe." 
www.nwdocfinder.com/7532 

■  BlackBerry  users  get  Google  Maps. 

The  Google  Subnet  blog  reports:  "While  the 
first  Google  phone, T-Mobile’s  G1,  is  decided¬ 
ly  consumer- focused,  Google  is  also  focused 
on  penetrating  the  mobile  enterprise  market¬ 
place.  It  just  released  a  version  of  its  Google 
Maps  for  Mobile  for  the  BlackBerry 
Enterprise  Server  (BES),  and  this  means 
enterprise  admins  can  now  distribute  Maps 
for  Mobile  to  all  their  corporate  BlackBerry 
users  —  without  breaking  any  rules.  Google 
has  developed  new  installation  packages 
that  let  corporate  IT  administrators  deploy 
Maps  for  Mobile  by  placing  the  application’s 
binaries  on  an  internal  server  or  by  pushing  it 
out  via  their  internal  BES. " 
www.nwdocfinder.com/7533 

■  Microsoft  Prepares  OCS  Release  2. 

Matthew  Nickasch  writes  in  his  Considering 
Convergence  blog,  "Microsoft  has  an¬ 
nounced  that  Office  Communications  Server 
2007,  Release  2,  will  become  publicly  avail¬ 
able  beginning  in  February  2009.  Microsoft 
has  slowly  been  building  a  client  base  for  the 
platform,  which  proposes  an  "in-place" 
migration  to  VoIP  while  maintaining  existing 
PBX  hardware." 
www.nwdocfinder.com/7534 


More  gift  guide  fun 

Go  behind  the  scenes 
of  our  holiday  gift  guide 
photo  shoot  to  see 
Keith  Shaw  as  he  per¬ 
fected  his  rock  star 
image. 

www.nwdocfinder.com/7536 


Up  close  with  Omnia 

Samsung  has  launched 
a  version  of  its  Win¬ 
dows  Mobile-based 
touchscreen  Omnia 
phone.  It's  called  theT- 
Omnia,  and  has  an 
upgraded  screen  reso¬ 
lution  of  800  by  480 
pixels. 

www.nwdocfinder.com/7537 


Still  searching  for  ET 

People  have  been  look¬ 
ing  for  extraterrestrials 
for  years,  but  at  the 
University  of  California, 
Berkeley,  scientists  at 
the  SETI  project  are  lis¬ 
tening,  too. 

www.nwdocfinder.com/7538 


■■  BEST  of  NWW’S 
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How  to  manage  your  network 
with  an  iPhone 


Network  management:  Network  managers 
looking  for  a  way  to  expense  an  iPhone 
could  tell  upper  management  about  a  new 
software  download  that  lets  them  take 
action  and  control  their  environment  with  a 
smartphone.  PerformancelT  recently 
launched  a  Web  site  from  which  IT  profes¬ 
sionals  can  download  software  that  lets 
them  transform  their  iPhone,  BlackBerry  or 
other  smartphone  into  a  handheld  remote 
control,  troubleshooting  device.  FreeMylT 
software,  available  as  a  virtual  appliance  or 
in  a  software-as-a-service  model,  makes  man¬ 
aged  network  devices  such  as  routers, 
switches,  servers  and  desktops  accessible  on 
any  smartphone  or  cell  phone.  The  compa¬ 
ny  is  emphasizing  its  application  on  iPhones 
because  of  its  broad  appeal.  "It  works  on 
BlackBerry  and  other  smartphones,  but  the 
iPhone  is  the  up-and-coming  device  to  run 
applications  on  and  we  think  it’s  a  great  way 
to  display  this  information,"  says  Win  Pham, 
director  of  product  development  at 
PerformancelT.  "IT  professionals  can  diag¬ 
nose  and  fix  problems  remotely  and  secure 
ly  and  with  a  smartphone  capable  of  that 
they  might  not  even  need  a  desktop." 
www.nwdocfinder.com/7528 


Tech  exec:  In  mid  October,  SAP  and  Cisco 
announced  the  availability  of  their  Data 
Privacy  composite  application.This  applica¬ 
tion  uses  real-time  network  monitoring  of  the 
enterprise  business  policies  and  controls  to 
prevent  incidents  of  data  in  motion.That’s  a 
buzzword-filled  way  of  saying  you  can  set 
policies  and  controls  in  your  SAP  application 
and  have  the  Cisco  network  conduct  mes¬ 
sage-level  inspections  to  determine  if  any 
data  policies  are  being  violated.  If  violations 
do  occur,  you  can  mange  or  remediate  them 
immediately  rather  than  after  the  fact  when 
it’s  too  late.  There  are  lots  of  data  loss  preven¬ 
tion  products  that  do  this  kind  of  thing. 
However,  the  value  of  having  the  Cisco  net¬ 
work  component  embedded  in  the  applica¬ 
tion  is  that  it  adds  location  awareness  and 
unified  communications  to  the  solution. This 
is  best  illustrated  with  an  example.  Let’s  say 
your  company  uses  SAP  CRM  to  manage  your 
customer  relations.  Joe  in  the  Americas  Sales 
organization  uses  this  application  to  manage 
his  accounts,  opportunities,  activities  and  so 
on.  As  long  as  he  accesses  the  application 
from  any  location  within  the  Americas,  he  can 
work  with  his  accounts. 
www.nwdocflnder.com/7529 
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The  fastest  BlackBerry®  ever 

On  the  nation's  fastest  3G  network. 


BlackBerry 
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BlackBerry 


Breakthrough  speed.  Introducing  the  BlackBerry"  Bold™  smartphone.  Only  from  AT&T. 
Full  HTML  Web  browser 


Packed  with  3G,  GPS,  and  Wi-Fi  |  World  phone 


More  bars  in 
more  places 
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■  Follow  these  links  to  more  resources  online 


Sun  reorganizes,  cuts 
up  to  18%  of  workforce 

Sun  is  laying  off  15%  to  18%  of  its  employees  as  part  of  a  restructuring  plan 
aimed  at  saving  $700  million  to  $800  million  a  year,  and  its  top  software  exec¬ 
utive  is  leaving  the  company  The  cuts  will  affect  between  5,000  and  6,000 
employees.  Sun  also  is  reorganizing  its  software  division,  a  move  it  said  stands  as 
“a  recognition  of  the  comprehensive  role  software  plays  in  the  company’s  growth 
strategy’  Sun’s  software  division  changes  include  a  new  group,  Application 
Platform  Software,  which  includes  Sun’s  MySQL  database  and  infrastructure  tech¬ 
nology  such  as  the  GlassFish  application  server.  The  Cloud  Computing  & 
Developer  Platforms  group  will  focus  on  Web-based  services  as  well  as  Sun’s 
NetBeans  development  platform.  Also,  Sun's  Solaris,  virtualization  and  system 
management  software  teams  will  be  moved  into  the  company’s  systems  group.  In 
addition,  Rich  Green,  the  company's  executive  vice  president  of  software,  has 
decided  to  leave  the  company  Sun  said  the  economy  sparked  the  changes. 
www.nwdocfinder.com/7539 


EMC  unveils  long-awaited  cloud  offer¬ 
ing.  EMC  unveiled  its  long-awaited  cloud 
storage  offering,  a  combination  of  hardware 
and  software  that  promises  to  help  business¬ 
es  build  and  deliver  Internet-based  applica¬ 
tions  on  a  massive  scale.  Code-named  Maui 
and  now  known  as  Atmos,  the  software  por¬ 
tion  is  designed  to  manage  petabytes  of 
information  across  tens  or  hundreds  of  geo¬ 
graphic  locations.The  offering  is  initially  tar¬ 
geted  at  media  and  entertainment  compa¬ 
nies,  telecoms  and  Web  2.0  and  Internet 
providers.  The  Atmos  software  can  either  be 
purchased  by  itself  and  run  on  x86  servers 
virtualized  with  VMware’s  hypervisor,  or  it 
can  be  purchased  in  a  bundle  with  EMC’s 
Hulk  hardware  offering,  which  combines  x86 
servers  with  high-capacity  low-cost  SATA  dri¬ 
ves.  Maui  and  Hulk  have  been  the  source  of 
media  speculation  for  months  but  EMC  is 
only  now  revealing  details. 
www.nwdocfinder.com/7540 

DNS  servers  still  vulnerable  to 
Kaminsky  flaw.  Despite  industry  efforts  to 
lock  down  DNS  servers,  one  in  four  remain 
vulnerable  to  cache  poisoning  caused  by  the 
well-documented  Kaminsky  flaw  identified 
earlier  this  year  and  another  40%  could  be 
considered  a  danger  to  themselves  and  oth¬ 
ers,  new  research  shows.  According  to  the 
fourth  annual  DNS  report  issued  by  The 
Measurement  Factory,  25%  of  DNS  servers 
have  not  been  upgraded  to  perform  source 
port  randomization,  which  is  considered  the 
patch  for  the  vulnerability  identified  earlier 
this  year  by  Dan  Kaminsky,  director  of  pene¬ 
tration  testing  at  IOActive.  Another  potentially 
worrisome  finding  is  that  more  than  40%  of 
Internet  name  servers  allow  recursive 
queries,  leaving  them  vulnerable  to  cache 
poisoning  and  distributed  denial-of-service 


attacks.  Another  30%  of  those  addresses  sam¬ 
pled  allow  zone  transfers  to  arbitrary 
requesters,  which  make  servers  targets  for 
DoS  attacks,  www.nwdocfinder.com/7541 

VMware  acquires  Trango,  debuts 
mobile  hypervisor.  VMware  is  launching  a 
hypervisor  for  mobile  phones,  letting  handset 
makers  design  applications  for  multiple  oper¬ 
ating  systems  and  potentially  letting  cus¬ 
tomers  use  phones  with  two  profiles:  one  for 
personal  use  and  one  for  business. VMware, 
the  market  leader  in  x86  server  virtualization, 
didn’t  build  the  phone  hypervisor  on  its  own. 
Instead,  it  acquired  a  French  company  called 
Trango  Virtual  Processors  in  a  deal 
announced  last  week.  It’s  rebranding  Trango ’s 
product  as  the  VMware  Mobile  Virtualization 
Platform.The  hypervisor  abstracts  applications 
and  data  from  the  hardware,  letting  phone 
makers  deploy  the  same  software  on  many 
phones  regardless  of  underlying  differences  in 
hardware.The  hypervisor,  which  is  about  20  to 
30  kilobytes,  initially  supports  three  mobile 
operating  systems:  Windows  CE,  Linux  and 
Symbian,  www.nwdocfinder.com/7542 

Microsoft  patch  closes  7-year-old  OS 
hole.  A  former  Microsoft  employee  who’s 
now  CTO  for  a  patch  management  firm  says 
an  update  issued  by  Microsoft  last  week  clos¬ 
es  a  vulnerability  that  has  been  exploited  for 
almost  seven  years  and  that  he  first  identi¬ 
fied  while  working  for  the  company  Eric 
Schultze,  who  was  a  security  director  for 
Microsoft,  says  the  MS08-068  patch  that 
Microsoft  released  as  part  of  its  monthly 
Patch  Tuesday  addresses  the  SMBRelay 
attack  written  by  hacker  Sir  Dystic,  from  Cult 
of  the  Dead  Cow,  in  March  2001. Schultze 
acknowledges  that  the  Server  Message  Block 
flaw  addressed  in  MS08-068  has  become  less 


of  a  threat  since  companies  began  to  fine- 
tune  their  firewalls.  But  the  vulnerability, 
which  could  allow  an  attacker  to  take  over  a 
user’s  hard  drive,  is  still  a  threat  within  a  com¬ 
pany’s  firewalls,  he  says,  www.nwdocfind- 
er.com/7543 

Sun  unveils  Amber  Road  storage  line¬ 
up.  The  use  of  flash  memory  to  dramatically 
improve  transaction  processing  highlights  a 
new  line  of  storage  appliances  announced 
by  Sun. The  iSCSI  storage  appliances  com¬ 
bine  standard  hard  drives  with  flash  memory 
and  the  latest  AMD  processors,  with  underly¬ 


ing  software  that  optimizes  performance  by 
moving  data  around  different  tiers  depend¬ 
ing  on  changing  needs.  The  Amber  Road  line 
of  appliances  includes  the  entry-level 
Storage  71 10,  with  as  much  as  2TB  of  storage; 
the  7210  with  as  much  as  48TB  of  storage; 
and  the  7410  with  as  much  as  288TB  of  stor¬ 
age.  Competitor  “EMC  has  taken  a  conven¬ 
tional  approach  [in  Symmetrix  arrays]  where 
they’re  essentially  swapping  out  a  hard  disk 
drive  for  a  solid  state  disk  drive,”  says  Burton 
Group  analyst  Gene  Ruth.  Sun  is  doing  a  bet¬ 
ter  job  leveraging  the  power  of  flash  to 
improve  transactional  performance,  he  says. 
“It’s  innovative  because  they’re  using  solid 
state  disk  to  enhance  the  performance  of 
their  back-end  file  system,”  Ruth  says. 
www.nwdocfinder.com/7544 

AMD  Shanghai  chips  target  virtualiza¬ 
tion  performance.  AMD’s  new  quad-core 
Opteron  processor,  code-named  Shanghai,  is 
designed  to  improve  performance  of  appli¬ 
cations  running  in  virtual  machines  with  var¬ 
ious  features  that  reduce  the  amount  of  work 
required  from  a  hypervisor. “The  idea  is  to 
decrease  the  overhead  associated  with  a  vir¬ 
tualized  application,  and  make  it  run  as  near 
native  as  possible,”  says  Margaret  Lewis,  direc¬ 
tor  of  AMD’s  commercial  solutions.  Both 
AMD  and  Intel  began  embedding  virtualiza¬ 
tion-friendly  features  in  their  chips  a  few 
years  ago,  enabling  routine  operations  to  be 
handled  in  the  hardware  and  reducing  the 
amount  of  software  code  needed  from 
hypervisors  such  as  VMware  and  Xen.  Lewis 
says  virtualization  improvements  will  result 
in  benefits  such  as  applications  being  able  to 
handle  more  users  or  perform  more  transac¬ 
tions.  AMD  will  follow  Shanghai  with 
Istanbul,  a  six-core  processor  in  2009,  and  the 
12-core  Magny-Cours  in  2010. 
www.nwdocfinder.com/7545 
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NEC’s  advanced  communications 
solutions  put  you  in  charge  when  it 
matters  most. 


Finally,  a  communications  solution  capable  of  providing  up-to-date  patient 
information  whenever  and  wherever  it  is  needed. 

NEC’s  Unified  Communications  provide  a  dynamic  and  realistic  connection  among 
individuals,  devices,  applications,  and  data.  Based  on  a  combination  of  innovative 
technologies  and  advanced  solutions,  its  mobility  and  flexibility  enables  people  to 
experience  greater  efficiency  and  productivity  -  in  any  industry. 

Integrated  IT  and  networking  solutions  like  these  have  made  NEC  a  world  leader, 
and  your  reliable  business  partner. 

Regardless  of  the  communications  solution  your  business  demands,  you  are 
assured  of  one  thing.  NEC  empowers  you  through  innovation. 


L_  www.necus.com/uc 


IT  SERVICES  AND  SOFTWARE  NETWORKING  AND  COMPUTING  SEMICONDUCTORS 


IMAGING  AND  DISPLAYS 


pmbzt 

m 


©NEC  Corporation  2008. 

NEC  and  the  NEC  logo  are  registered  trademarks  of  NEC  Corporation. 
Empowered  by  Innovation  is  a  trademark  of  NEC  Corporation. 


Empowered  by  Innovation 


isisslisf; 


•  •:  ft',." ' 


^fShSsBEwShB 


Move  your  mobile  workforce  over 
to  VoIP  using  innovative  software  from 
Microsoft.  Software  that  integrates 
with  Windows  Server”  Active  Directory" 
services,  Microsoft”  Office,  and 
Microsoft  Exchange  Server.  Keep  your 
existing  PBX  hardware  and  still  get  new 
voice  capabilities  like  drag-and-drop 
conferencing,  anywhere  access,  and 
click-to-call  functionality  from  familiar 
desktop  applications. 

A  software-powered  VoIP 
solution,  based  on  Microsoft  Office 
Communications  Server  2007,  helps  you 
increase  the  productivity  and  flexibility 
of  your  workforce — especially  your 
mobile  users.  Empower  your  people 
with  better  connectivity,  leave 
the  PBX  plugged  in.  Learn  more  at 
microsoft.com/voip 
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The  hardware  stays, 
your  mobile  users  hit 
the  road  with  VoIP. 


NEWS  ANALYSIS 


Nortel  woes  raise  questions  about  UG 


BY  JOHN  FONTANA 

Nortel’s  rocky  financial  situation  and 
announced  layoffs  last  week  of  1,300  people 
likely  won’t  have  much  short-term  impact  on 
the  company’s  four-year  unified  communica¬ 
tions  alliance  with  Microsoft,  according  to 
experts. 

But  the  long-term  outlook  is  that  users  will 
likely  see  vendors  such  as  Microsoft,  IBM  and 
Cisco  rise  to  the  top  of  the  voice  pile  via  their 
UC  platforms  built  around  integrated  software 
applications  and  middleware. 

“I’m  not  saying  Nortel  will  be  killed  off,  they 
have  a  great  opportunity  to  build  value  on  top 
of  Microsoft,”  says  Zeus  Kerravala,  an  analyst 
with  the  Yankee  Group. “What  you  are  seeing  is 
a  transformation  akin  to  the  transformation 
from  the  mainframe  to  Windows.  Back  then 
you  had  huge  hardware  giants  like  Honeywell, 
Burroughs,  Univac,  and  they  all  kind  of  went 
away  Nortel,  Avaya,  Alcatel,  Siemens  —  these 
guys  are  the  mainframe  giants  of  this  genera¬ 
tion.  One  or  two  of  them  may  survive  but  cer¬ 
tainly  not  all  of  them.” 

Kerravala  says  Nortel’s  current  trouble 
shouldn’t  affect  its  partnership  with  Microsoft 
in  the  next  16  months, but  he  thinks  by  2015  the 
alliance  will  be  gone. 

He  says  Nortel’s  challenge  is  to  prove  not 
only  that  it  will  be  around  long  term  but  that  it 
can  complement  the  Microsoft  platform  and 
be  a  strategic  partner. 

“I  do  believe  that  the  traditional  PBX  is 
becoming  a  development  platform  and  the 
winners  and  losers  will  be  defined  by  those 


that  create  a  viable  development  community 
around  it.  Who  is  good  at  that?  Microsoft,” 
Kerravala  says. 

The  frenzied  interest  in  UC  is  no  surprise;  IDC 
predicted  in  March  that  sales  of  UC  gear  would 
top  $17  billion  in  four  years. 

Nortel  and  Microsoft  were  in  front  of  that 
curve.  They  forged  a  partnership  in  2006  that 
resulted  in  what  they  called  the  Innovative 
Communications  Alliance  (1CA),  a  plan  to 
jointly  develop,  sell  and  roll  out  UC  and  VoIP 
technology  over  four  years. 

The  deal  involved  professional  services,  cross 
licensing,  joint  products,  sales  and  partners. 

Nortel  originally  was  mentoring  Microsoft 
into  its  voice  age,  experts  say  but  Nortel  clearly 
saw  that  the  telephony  game  was  changing. 

At  the  signing  of  the  ICA  deal,  Nortel  CEO 
Mike  Zafirovski  said, “We  wanted  to  change  the 
trajectory  of  [Nortel’s]  enterprise  business.  Our 
new  relationship  with  Microsoft  represents  an 
opportunity  to  create  well  over  $1  billion  in 
revenue  for  Nortel  in  the  next  [several]  years 
[with]  the  combination  of  [Nortel]  profession¬ 
al  services,  voice  products  and  data  pull- 
through  [sales]  from  our  customers.” 

Judging  by  Nortel’s  $3.4  billion  loss 
announced  last  week,  it  doesn’t  appear  that  the 
returns  have  been  up  to  Zafirovski’s  prediction. 
Nortel  officials  declined  to  discuss  the  partner¬ 
ship  in  terms  of  dollars. 

Nortel  has  been  betting  that  telephony  is 
going  to  software,  and  the  company  is  eyeing  a 
short-term  future  of  integrated  infrastructure 
and  a  long-term  play  for  adding  vertical  appli¬ 


cations  and  scalability  enhancements  on  top 
of  the  Microsoft  platform. 

Both  Microsoft  and  Nortel  say  their  relation¬ 
ship  is  going  full-steam  ahead  and  both  have 
numerous  other  irons  in  the  UC  fire. 

In  fact,  Nortel  has  a  deal  with  IBM/Lotus  for 
hosted  UC  using  the  Lotus  Sametime  client  on 
the  front  end,  a  deal  that  mimics  one  Nortel 
announced  with  Microsoft  in  June. 

And  Microsoft,  which  aligns  as  closely  with 
Siemens  and  Mytel  as  it  does  Nortel,  is  not 
standing  still.  In  October,  it  unveiled  its 
UC/voice  platform  Office  Communications 
Server  (OCS)  2007  R2  and  said  it  would  ship 

See  Nortel,  page  18 


InBrief 

GA  to  buy  Eurekify 

CA  has  inked  a  deal  to  acquire  identity  man¬ 
agement  vendor  Eurekify  for  an  undisclosed 
sum. The  acquisition,  expected  to  close  by 
the  end  of  the  month,  will  let  CA  add 
Eurekify’s  automated  role  provisioning  and 
identity  life-cycle  management  capabilities 
to  its  own  Identity  Manager  software.The 
addition  of  this  type  of  automation  in  CA’s 
identity  management  arsenal  will  help  cus¬ 
tomers  reduce  costs  and  improve  outdated 
processes  around  identities  to  meet  current 
compliance  and  security  requirements,  ana¬ 
lysts  says.  CA  says  it  will  integrate  Eurek¬ 
ify’s  Ra'anana,  Israel-based  operations  into 
its  own. 

Microsoft  kicks  off  next  era  of 
small  business  software 

Microsoft  last  week  released  new  bundles  of 
infrastructure  servers  geared  for  small  and 
midsize  businesses.  Under  the  marketing 
banner  of  Windows  Essential  Server 
Solutions  (WESS),  Microsoft  released 
Essential  Business  Server  (EBS)  2008,  its 
first-ever  bundle  for  midsize  businesses, 
and  Windows  Small  Business  Server  (SBS) 
2008,  which  has  evolved  over  the  past  12 
years.  The  WESS  offerings  bundle  popular 
IT  software  in  order  to  ease  rollout  and 
management  burdens  for  small  and  midsize 
companies  that  have  up  to  300  PCs.  WESS 
offers  small  businesses  for  the  first  time 
options  to  deploy  multiple  servers,  mobile 
options,  a  platform  for  small  companies  to 
run  business  applications  and  the  first  inte¬ 
gration  between  small  business  infrastruc¬ 
ture  and  Microsoft’s  online  services  as  part 
of  its  software-plus-services  model. 


Microsoft-Nortel  integrations 

The  companies  say  they  have  delivered  10  integrated  products  as  part  of 
their  Innovative  Communications  Alliance  signed  in  2006.  Here  is  a  look  at 
a  handful  of  the  products  available  now. 


Product 

Description 

Nortel  Secure  Network 
Access  2.0 

Integrates  Secure  Network  Access  Switches  4050  and  4070 
and  Microsoft’s  Network  Access  Protection,  which  verifies 
a  client  desktop  is  secure  before  letting  it  on  a  network. 

Nortel  Converged  Office 
for  Office  Communica¬ 
tions  Server  (OCS)  2007 

Integrates  the  voice  functionality  of  Nortel’s  Communication 
Server  1000  1P-PBX  or  CS  2100  IP-PBX  with  OCS  2007. 

UC  Integrated  Branch 

Combines  OCS  2007  mediation  server  capabilities  with 
the  Nortel  Secure  Router  4134. 

Carrier  Hosted  Unified 
Communications  Solutions 

Service  provider  platform  built  on  Nortel’s  Communication 
Server  2000  Softswitch  with  OCS,  and  Exchange  unified 
messaging.  Service  accessed  via  Office  Communicator 
Client. 

Nortel  Multimedia  Confer¬ 
encing  5.0  for  OCS  2007 

Provides  OCS  2007  with  dial-in  audio  bridge  and  enables 
external  non-OCS  users  to  dial  in  to  conference. 
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Imagine  storage  and  data  management  solutions  smart  enough  to  support  the  data  you  need,  and  not  a  lot  of  dead  weight. 

It’s  possible  when  you  partner  with  NetApp.  Our  industry-leading  solutions  use  deduplication  and  other  space-saving  technologies 
to  help  you  store  data  efficiently  and  reduce  your  footprint  by  50%  or  more.  So  you  can  manage  exponential  growth  while 
minimizing  your  storage  investment— all  with  the  support  of  a  team  that  will  exceed  your  expectations.  See  how  we  can  help 
your  business  go  further,  faster.  Find  out  how  you  can  use  50%  less  storage,  guaranteed*  at  netapp.com/efficiency. 


NetApp 


Go  further,  faster 


©  2008  NetApp.  All  rights  reserved.  Specifications  are  subject  to  change  without  notice.  NetApp.  the  NetApp  logo,  and  Go  further,  faster  are  trademarks  or  registered  trademarks  of  NetApp,  Jftc,  in  ifv 
States  and/or  other  countries.  All  other  brands  or  products  are  trademarks  or  registered  trademarks  of  their  respective  holders  and  should  be  treated  as  such.  'This  guarantee  and  related  Program  is  llm 
the  terms  set  forth  in  the  Program  Guide  and  Acknowledgement  For  50%  Virtualization  Guarantee  Program  document,  applicable  only  to  prospective  orders  placed  after  the  Program  affective  datb.and'is.di 
upon  your  compliance  with  the  terms  and  conditions  set  forth  in  this  document  and  any  of  the  instruction  sets  and  specifications  set  forth  in  the  referenced  documents.  NetApp's  sCle  and  exdlusive  liablli 
your  sole  and  exclusive  remedy  associated  with  the  terms  of  this  guarantee  and  related  Program  is  the  provision  by  NetApp  of  the  additional  storage  capacity  as  set  forth  in  this  guararitee  arid  related  Prc 
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Software-based  NAG  catching  on 


Pros  and  cons  of  software-based  NAC 

Despite  some  drawbacks,  software-based  network  access  control  that  relies 
on  endpoint  enforcement  is  proving  popular  and  useful,  especially  when 
deployed  as  part  of  endpoint  security  suites. 


Pros 

Cons 

Can  be  deployed  as  part  of  a  larger 
endpoint  security  package  so  requires  no 
additional  agents. 

Infected  endpoints  can  indicate  that  they 
are  compliant  when  they  are  not. 

A  single  management  platform  can  handle 
NAC  and  the  security  suite. 

Endpoint-software-based  NAC  doesn’t 
enforce  on  unmanaged  machines. 

Rich  data  and  reporting  can  help  support 
that  regulatory  policies  are  being  enforced. 

They  lack  ancillary  features  such  as 
intrusion  prevention  that  other  NAC 
architectures  include. 

BY  TIM  GREENE 

Despite  some  shortcomings,  software-based 
network  access  control  technology  that 
enforces  policies  on  network  endpoints  is 
often  the  first  choice  of  customers  who  adopt 
the  technology 

Often  a  corporation  already  uses  a  suite  of 
endpoint-security  software  to  which  it  can  add 
a  NAC  endpoint  client,  minimizing  the  training 
and  investment  required. 

For  example,  Hidalgo  County  Texas,  looked 
into  a  Cisco  NAC  appliance  deployment  to 
solve  its  endpoint-compliance  problems,  says 
Renan  Ramirez,  the  county’s  CIO.  “The  Cisco 
solution  was  going  to  cost  six  figures,”  he  says, 
but  the  county  chose  a  Sophos  NAC,  which 
cost  about  $50,000. 

The  county  was  about  to  buy  Sophos 
antivirus  software  and  the  incremental  cost  of 
NAC  made  it  worthwhile,  Ramirez  says.  “Cost 
overrules  everything,”  he  says. 

Besides  endpoint-based  NAC,  there  are  two 
other  basic  options  when  picking  NAC  prod¬ 
ucts:  infrastructure-based  that  uses  switches  to 
enforce  policies;  and  appliance-based  using  a 
dedicated  appliance  to  enforce  policies  (per¬ 
haps  in  conjunction  with  other  network  ele¬ 
ments). 

Each  has  its  shortcomings.  For  example,  NAC 
products  that  enforce  policies  via  Dynamic 
Host  Configuration  Protocol  (DHCP)  proxy 
servers  do  nothing  to  stop  machines  that 
obtain  static  IP  addresses  and  don’t  use  DHCP 
to  make  their  network  connections.That  makes 
significant  portions  of  corporate  networks 
invisible  to  these  NAC  products, says  Ofir  Arkin, 
CTO  of  NAC  vendor  Insightix.  He  is  the  author 
of  a  paper  outlining  NAC  flaws. 

Every  customer  must  decide  which  architec¬ 
ture  is  best  for  them, says  Rob  Whiteley  an  ana¬ 
lyst  with  Forrester  Research.  “There  is  no  one- 
size-fits-all,”  he  says. 

The  upside  of  NAC  that  uses  endpoint  soft¬ 
ware  to  enforce  policies  is  that  it  can  provide 
comprehensive  data  about  the  endpoint  as 
well  as  a  remediation  mechanism  when  the 
NAC  agent  is  part  of  an  endpoint  security  suite. 
It  also  gathers  a  wealth  of  data  that  can  be  used 
to  prove  to  regulators  that  industry  or  govern¬ 
mental  policies  have  been  upheld. 

The  major  downside  to  endpoint-enforced 
NAC  is  largely  theoretical  and  one  that  cus¬ 
tomers  seem  willing  to  overlook.  The  problem 
is  that  rootkits  can  take  over  machines  to  make 
them  lie  about  their  health.  This  underlying 
endpoint  problem  can  be  mitigated  by  soft¬ 
ware  that  monitors  behavior  of  machines  to 
determine  if  they  are  acting  badly  And  mis¬ 
leading  endpoints  haven’t  actually  proven  a 
problem  for  many  customers. 

“[Lying  endpoint]  is  more  theoretical  to  us 
than  practical,”  says  Seth  Shestack,  associate 
director  of  information  security  at  Temple 


University  in  Philadelphia,  the  28th-largest  uni¬ 
versity  in  the  United  States.  “We’ve  had  three 
years  of  experience  with  [Symantec  NAC]  and 
we  haven’t  run  across  it  in  our  experience.” 

Shestack’s  main  goal  was  to  keep  compliant 
the  laptops  that  came  and  went  from  Temple’s 
five  campuses,  and  NAC  that  involved  appli¬ 
ances  wouldn’t  scale.“We  would  need  so  many 
of  these  devices  that  it  would  have  been  cost- 
prohibitive,”  he  says.  The  school  has  rolled  out 
NAC  to  15,000  endpoints,  he  says. 

Another  goal  of  installing  NAC  was  to  elimi¬ 
nate  denial-of-service  (DoS)  attacks  caused  by 
bot-infected  machines,  he  says.  “NAC  cut  DoS 
attacks  on  the  core  networks  to  zero.  I  credit 
NAC  for  it.  That’s  exactly  what  stopped  it,”  he 
says. 

One  downside  of  software-based  NAC  is  it 
can’t  do  much  with  unmanaged  machines  that 
don’t  have  NAC  agents  running  on  them.“If  you 
don’t  own  the  endpoint  then  putting  an  agent 
on  it  is  either  impossible  or  in  many  cases  a  lia¬ 
bility  So  you  wouldn’t  do  that.  I  think  that  rea¬ 
son  alone  is  why  endpoint  solutions  have  got¬ 
ten  such  a  bad  rap,”Whiteley  says. 

To  deal  with  this  problem,  McAfee,  for 
instance,  is  adding  enforcement  of  NAC  poli¬ 
cies  based  on  behavior  via  its  intrusion-pre¬ 
vention  system  (IPS)  appliance  and  next  year 
via  a  dedicated  NAC  appliance. 

The  company  recognizes  that  customers 
may  use  more  than  one  category  of  NAC  prod¬ 
uct.  Vinit  Duggal.CISO  of  the  $2.2  billion  satel¬ 
lite  communications  company  Intelsat,  uses 
McAfee  NAC.  He  tested  802. lx  switch-based 
NAC  but  felt  it  didn’t  offer  enough  network  vis¬ 
ibility. 

That  visibility  can  be  achieved  by  distributing 
software  to  endpoints,  which  is  a  relatively  sim¬ 
ple  option  for  Intelsat.The  company  has  made 
acquisitions  of  other  companies,  and  putting 
the  software  on  their  endpoints  brings  needed 


access  control  and  knowledge  about  network 
activity  Duggal  says. “Our  problem  is  all  about 
visibility  throughout  Intelsat,”  he  says. 

Managed  machines  with  NAC  software  and 
McAfee’s  security  suite  can  be  kept  up  to  date 
or  locked  out  if  they  are  non-compliant,  he 
says,  until  they  are  remediated.  “It  solves  the 
issue  that  managed  machines  need  to  be  up  to 
date,”  Duggal  says.“It  doesn’t  solve  the  problem 
for  those  [unmanaged]  machines  you  don’t 
know  about.” 

The  company  has  many  contractors  and 
partners  who  connect  to  the  Intelsat  network 
with  their  own  laptops, and  he  needed  a  way  to 
control  them.They  don’t  allow  Intelsat  to  install 
NAC  software.  But  McAfee  has  upgraded  its  IPS 
appliance  to  enforce  NAC,  and  this  solves  the 
problem  for  Intelsat,  Duggal  says.  The  device 
discovers  misbehaving  machines,  managed  or 
unmanaged,  and  can  block  their  access. 

Price  is  a  big  factor  for  some  customers.  In 
general,  endpoint-based  NAC  costs  less  than 
other  options,  Whiteley  says,  with  $100  per  end¬ 
point  being  a  ballpark  figure. 

For  all  its  usefulness,  software  NAC  doesn’t 
answer  all  the  problems.  In  Hidalgo  County 
Ramirez  says  it  doesn’t  solve  his  problem 
screening  guest  users.  “We’re  probably  still  in 
the  market  for  a  NAC  appliance,  too.” 

This  is  common,  Whiteley  says.“I  think  you’ll 
find  most  of  the  software-based  NAC  products 
end  up  using  some  sort  of  back-end  DHCP 
solution  or  a  partnership  with  an  appliance  to 
discover  unmanaged  systems  —  and  it’s  not  a 
graceful  architecture,”  he  says. 

Standards  observed  by  vendors  of  all  types  of 
NAC  gear  would  ease  the  problem  and  per¬ 
haps  make  a  single  central  NAC  policy  enforce¬ 
able  on  any  platform,  he  says,  and  he  is  hope¬ 
ful  that  will  come  to  pass.“If  they  don’t  support 
each  other  out  of  the  box  today  there’s  going  to 
be  a  relatively  easy  upgrade  path,”  he  says.  ■ 
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THE  NEW  TREO™  PRO  SMARTPHONE. 
THE  HIGHEST  EXPRESSION  OF  MOBILE  PRODUCTIVITY  AND 


PALM  SIMPLICITY. 


Productivity- it's  so  hot  right  now.  Especially  with  the 
new  Treo™  Pro  smartphone.  Talk  about  attractive,  it's 
unlocked  and  GSM-compatible  for  use  almost  anywhere 
around  the  globe*  It  also  integrates  easily  into  your 


current  infrastructure  thanks  to  Microsoft®  Windows 
Mobile®  6.1.  And  all  your  users  wili  appreciate  how 
productive  they  can  be  thanks  to  Wi-Fi,  GPS,  and  many 
other  one-touch  shortcuts.  To  learn  more,  visit  palm.com 


*SIM  card  required.  Within  GSM  coverage  area  only.  Over  860  GSM  networks  provide  coverage  in  220  countries.  Email  and  web  require  data  services  at  additional  cost. 
Within  range  of  Wi-Fi  hotspot  using  802.11b/g  wireless  connection.  Some  Wi-Fi  hotspots  require  fee  for  usage.  GPS  application  not  available  from  all  carriers.  Third-party 
software  may  be  required.  GPS  coverage  not  available  in  all  areas  at  all  times.  ©  2008  Palm,  Inc.  All  rights  reserved.  Palm  and  Treo  are  among  the  trademarks  or  registered 

trademarks  owned  by  or  licensed  to  Palm,  Inc.  All  screen  images  simulated. 
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Convergence  drives  managed  LANs 

Convergence  of  voice,  video,  data  drives  many  companies  to  seek  help 


A  look  at  managed  LAN  services 

To  give  you  an  idea  of  what's  available  on  the  managed  LAN  market,  here 
is  a  brief  overview  of  what  three  vendors  offer: 

•  Verizon  Business:  Provides  the  foundation  for  Verizon's  VoIP  and  WLAN  services; 
offers  access,  transport,  customer  premises  equipment,  network  monitoring  and  man¬ 
agement  services;  service-level  agreements  include  time  to  repair  of  three  and  a  half 
hours  and  state  that  customers  will  be  notified  within  15  minutes  whenever  a  serious 
incident  occurs. 

•  Sprint  Business:  Provides  managed  LAN  services  are  part  of  Sprint's  Managed 
Network  Services  package;  offers  a  site-by-site  implementation-level  design  for  each 
LAN  service,  as  well  as  monitoring  of  LAN  performance  24  hours  a  day,  with  real-time 
performance  metrics  measured  every  90  minutes;  has  managed  LAN  offerings  for  small 
and  midsized  businesses,  as  well  as  offerings  for  businesses  with  multiple  branch 
offices. 

•  EDS:  Utilizes  Cisco  technology  to  deliver  network  management  services;  is  unique  in 
that  it  is  independent  of  any  carrier  or  ISP,  and  can  manage  LAN  services  for  cus¬ 


tomers  using  a  variety  of  carriers;  provides  engineering,  installation,  configuration  and 
network  monitoring 


BY  BRAD  REED 

There  was  a  time  when  the  decision  to  man¬ 
age  LANs  in-house  was  a  no-brainer.  LANs  by 
definition  cover  a  small  area  and  have  tradi¬ 
tionally  been  simple  operations  to  run  and 
maintain. 

But  last  year,  Insight  Research  reported  that 
managed  LAN  services  were  the  fastest-grow¬ 
ing  segment  of  the  managed  services  market, 
with  growth  rates  50%  higher  than  aggregate 
managed  services. 

The  recent  economic  downturn  won’t  result 
in  “any  kind  of  drastic  change”  in  demand  for 
managed  LAN  services,  says  Robert  Rosen¬ 
berg,  Insight  president.  While  his  firm  is  still 
working  on  projecting  growth  rates  for  this 
year,  he  doesn’t  expect  the  updated  projec¬ 
tions  to  differ  significantly  from  2007,  during 
which  Verizon  Business,  AT&T,  as  well  as  by  sys¬ 
tems  integrators,  such  as  IBM  and  EDS  were 
leaders. 

Vendors,  analysts  and  customers  typically 
point  to  three  major  factors  driving  IT  depart¬ 
ments  to  look  into  managed  LAN  services:  the 
increasingly  dispersed  locations  of  company 
branches;  the  security  challenges  that  come 
with  relying  more  on  wireless  access  points; 
and  the  advent  of  high-bandwidth  applica¬ 
tions  that  have  made  managing  local  net¬ 
works  much  more  difficult  than  when  net¬ 
works  were  only  for  data  transfers. 

With  regard  to  using  LANs  for  high-band¬ 
width  applications,  Rosenberg  says  that  the 
big  driver  in  LAN  complexity  is  the  desire  to 


make  network  systems  relatively  simpler  by 
moving  all  major  applications  they  support  to 
IP  Irwin  Lazar,  an  analyst  at  Nemertes  Re¬ 
search, says  that  an  increasing  number  of  com¬ 
panies  want  to  have  outside  parties  manage 
their  LANs  to  ensure  that  critical  applications 
such  as  voice  and  video  experience  minimum 
latency  and  jitter. 


“Companies  are  much  more  interested  in 
managing  VoIR  Web  applications  and  video 
quality  on  their  LANs  than  they  used  to  be,” 
Lazar  says.  “Application  performance  is  key, 
and  companies  that  are  deploying  local  VoIP 
or  videoconferencing  networks  are  often  look¬ 
ing  to  the  ISPs  to  provide  managed  services 
See  Managed  LANs,  page  25 


Nortel 

continued  from  page  14 

officially  in  February  2009,  although  it  is  likely 
to  be  available  before  year-end. 

The  significance  to  Nortel  and  other 
Microsoft  partners  is  an  OCS  2007  R2  feature 
called  Session  Initiation  Protocol-enabled 
trunking  that  allows  a  direct  VoIP  connection 
between  an  Internet  telephony  service 
provider  and  Microsoft’s  Office  Communicator 
client  without  requiring  on-premises  gateways 
like  Nortel  supplies. 

“The  2010  expiration  of  the  [ICA]  deal  seems 
like  a  good  time  to  reassess  where  the  market 
is  going,”  says  Larry  Hettick,  an  analyst  with 
Current  Analysis. 

Despite  Nortel’s  troubles,  Hettick  says  it  and 
other  telecom  vendors  need  to  support  Micro¬ 
soft’s  UC  interface  —  Office  Communicator. 

“The  telecom  vendors  have  given  up  on  the 
GUI  interface,”  Hettick  says.  “In  terms  of 
Microsoft,  do  they  need  Nortel?  They  don’t 
need  them  so  much  as  they  need  support  from 
all  the  IP  PBX  vendors  for  integration.” 


So  far,  ICA  has  been  fruitful,  including  10  ICA 
products  in  the  market  and  1 , 100  joint  ICA  cus¬ 
tomers,  according  to  Nortel  officials. 

The  pair  also  has  opened  up  collaboration 
centers,  technology  centers  with  live  ICA 
demonstrations.  And  they  have  established  ICA 
demonstration  centers  around  the  world. 

But  beyond  this  Microsoft  doesn’t  want  to 
peer  into  the  future. 

“Our  relationship  with  Nortel  is  strong  and 
customer  interest  in  our  joint  solutions 
remains  high,”  says  Craig  Schuman,  director  of 
business  development  and  strategy  for  the  UC 
group  at  Microsoft.  Schuman  cites  new  cus¬ 
tomers  such  as  Telefonica  Moviles  Argentina, 
Nueva  EPS  and  Conagra.  “Nortel  remains  a 
strategic  partner  for  us  in  the  UC  space.  Past 
that,  we  can’t  comment  on  any  future  business 
discussions.” 

Nortel  officials  say  that  ICA  is  servicing  cus¬ 
tomers  as  intended  by  offering  product  inte¬ 
grations  to  support  UC. 

“We  are  committed  to  ICA,”  says  Ruchi 
Prasad,  vice  president  and  general  manager  of 
ICA  for  Nortel.“We  have  a  four-year  relationship 


with  Microsoft  and  we  have  made  a  tremen¬ 
dous  amount  of  progress.” 

Prasad  says  Nortel  has  put  its  investment  into 
three  areas:  integration,  investment  protection 
for  users,  and  transformation. 

“The  industry  is  at  a  critical  point,  but  our 
focus  is  on  customer  value.  We  are  on  track,” 
she  says. 

But  future  development  at  Nortel  will  be 
challenged  after  the  company  said  this  week  it 
will  cut  spending  on  R&D  by  9%  to  $377  mil¬ 
lion  in  the  third  quarter. 

The  cuts  will  affect  the  company’s  transfor¬ 
mation  into  software  and  voice  applications 
given  that  Zafirovski  said  last  year  at  VoiceCon 
that  the  majority  of  the  company’s  R&D  is 
focused  on  software  —  with  75%  to  80%  of 
development  dollars  going  to  writing  code, 
rather  than  developing  circuit  boards,  line 
cards  and  handsets. 

“I  think  some  people  underestimate  Micro¬ 
soft  in  voice,”  the  Yankee  Group’s  Kerravala 
says.“I  know  they  are  a  new  vendor,  but  this  is 
the  market  moving  to  software,  the  ICA  is  tem¬ 
porary  relationship."  ■ 
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1 0  IT  security  companies  to  watch 

Video  surveillance,  data  leakage,  malware  control  and  product  rollouts 


BY  ELLEN  MESSMER 

Our  picks  for  this  year’s  10  IT  security  com¬ 
panies  to  watch  offer  products  and  services 
that  involve  everything  from  video  surveillance 
to  application  whitelisting  to  malware  block¬ 
ing.  But  if  there’s  a  common  theme  among 
most  of  these  vendors,  it’s  that  trusted  personal 
relationships  forged  in  universities,  business 
and  the  military  played  an  essential  role  in 
inspiring  their  founders  and  convincing 
employees  to  join  them.  And  that’s  not  to  men¬ 
tion  the  millions  in  seed  money  not  just  from 
venture  capitalists  but  also  angel  investors,  and 
yes,  family 

Behavioral  Recognition  Systems 

Founded:  2005 

Headquarters:  Houston 

What  the  company  offers:  AlSight  is  video¬ 
analytics  technology  that  converts  images  cap¬ 
tured  by  a  camera  into  machine-readable  out¬ 
put  that  provides  real-time  intelligence  about 
the  surveillance  to  generate  an  alert. 

Why  it’s  worth  watching:  As  use  of  video¬ 
monitoring  grows,  business  and  government 
may  want  to  automate  surveillance  to  be 
warned  of  unexpected  events.  AlSight  can  be 
used  with  existing  video-monitoring  systems. 

How  company  got  its  start:  Founder  Ray 
Davis  saw  a  gap  in  the  effectiveness  of  video 
surveillance  systems  and  backed  a  team  of  sci¬ 
entists  working  on  artificial-intelligence  recog¬ 
nitions  systems  for  video. 

How  company  got  its  name:  The  BRS  artifi¬ 
cial-intelligence  technology  uses  adaptive 
learning  to  anticipate  behavior  based  on 
knowledge  it  accumulates  over  time. 

CEO:  Davis  is  an  entrepreneur  involved  in 
technology  start-ups  from  the  ‘90’s,  including 
SimDesk,  CyNet  and  OnDisk. 

Funding:  $23  million  from  undisclosed  angel 
investors. 

Customers:  None  announced  but  there  are 
eight  pilot  tests  in  progress  in  energy  financial 
services,  government  and  a  sports  stadium. 

CoreTrace 

Founded:  Officially  in  2001,  but  dormant 
until  2007 

Headquarters:  Austin, Texas 

What  the  company  offers:  Specializes  in 
application  whitelisting  software;  its  Bouncer 
products  for  the  enterprise  are  designed  to  pre¬ 
vent  unauthorized  applications  from  running 
on  desktops  and  servers  based  on  Windows, 
Solaris  and  in  the  future,  Linux. 

Why  it’s  worth  watching:  As  combating  mal¬ 
ware  continues  to  get  tougher  due  to  volume, 
alternates  to  using  just  antivirus  software  are 
getting  attention.  Whitelisting  —  the  method  of 
allowing  only  stipulated  applications  to  run  — 


is  one  approach.  However,  whitelisting  software 
still  has  a  reputation  as  difficult  to  manage, 
something  CoreTrace  says  it  tackles  with  its 
product. 

How  company  got  its  start:  Co-founders 
Daniel  Teal,  CTO,  and  his  brother  Richard,  vice 
president  of  engineering,  came  up  with  their 
basic  concept  years  ago,  but  didn’t  launch  a 
firm  until  last  year  when  they  teamed  up  with 
Toney  Jennings,  now  the  CEO,  with  whom  they 
had  worked  at  Trident  Data  Systems  and  the  Air 
Force  several  years  ago. 

How  company  got  its  name:  Plays  off  the 
idea  that  Bouncer  Software  traces  any  attempt 
to  make  changes  to  the  core  of  the  operating 
system. 

CEO:  Jennings  was  formerly  president  and 
CEO  of  Mirage  Networks.  His  career  also 
includes  being  founder,  CEO  and  chair  of 
WheelGroup,  which  was  sold  to  Cisco. 

Funding:  $8.2  million  from  Hunt  Ventures 
and  Venrock. 

Customers:  State  of  Texas,  Horry  Telephone 
Cooperative,  Click  Forensics. 


Envysion 

Founded:  2006 

Headquarters:  Louisville,  Colo. 


Envysion's  managed  video-surveil¬ 
lance  service  gives  security  managers 
a  view  into  business  operations. 


What  the  company  offers:  Its  managed  video¬ 
surveillance  services  include  installation  of 
cameras  in  business  locations,  which  are 
remotely  managed  through  its  Denver-based 
data  center.  Envysion  also  can  enable  detec¬ 
tion  of  theft  through  correlating  sales  data  gen¬ 
erated  electronically  through  cash  registers 
and  bar-coding  with  video-surveillance  record¬ 
ings  of  activity 

Why  it’s  worth  watching:  IP-based  digital-sur¬ 
veillance  systems  are  becoming  more  popular 
in  business, but  not  every  organization  wants  to 


install  and  manage  them.  Envysion’s  approach 
provides  businesses  with  a  managed  service 
that  has  Internet  and  Web-based  access  to  live 
and  stored  video  feeds. 

How  company  got  its  start  Now  with  35 
employees,  Envysion  was  founded  by  CEO 
Matt  Steinfort,  Chairman  Dan  Caruso  and  CTO 
Rob  Hagens.  All  had  been  with  Level  3  Com¬ 
munications,  where  they  saw  growth  in  busi¬ 
ness  video  surveillance  and  were  convinced  a 
managed  service  would  prove  popular. 

How  company  got  its  name:  It  is  a  play  on 
the  word  “envision.” 

CEO:  Steinfort,  formerly  COO,  was  named 
CEO  this  year  after  his  success  in  bringing  in 
venture  capital  and  on  the  sales  side,  national 
customer  accounts. 

Funding:  $12.5  million,  including  Columbia 
Capital,  High  Country  ventures  and  Bear 
Equity,  plus  angel  investors. 

Customers:  About  40,  including  Chipolte, 
IHOBand  Captain  D’s  seafood  chain. 

Guardian  Analytics 

Founded:  2005 

Headquarters:  Los  Altos,  Calif. 

What  the  company  offers:  FraudMap,  an 
online  fraud-prevention  service  primarily  for 
financial  institutions.  It  takes  a  real-time  feed 
for  a  company’s  online  banking  application  to 
protect  customer  accounts  dynamically 

Why  it’s  worth  watching:  The  service  blends 
Quova’s  IP  geo-location  technology  into  the 
Guardian  Analytics  technology  to  be  able  to 
score  risk  in  real-time  partly  based  on  a  deter¬ 
mination  of  the  physical  location  of  the  user  or 
the  fraudster. 

How  company  got  its  start:  Founder  Tom 
Miltonberger  saw  the  possibility  of  a  fraud- 
detection  service  for  banks  that  would  be  able 
to  stop  takeover  attacks  against  customer 
accounts  through  a  technique  that  models 
each  customer  account  to  determine  suspi¬ 
cious  behavior. 

How  company  got  its  name:  Combines  con¬ 
cept  of  analysis  about  banking-account  use  to 
guard  against  fraud. 

CEO:  Miltonberger  was  formerly  a  senior  vice 
president  with  Quova  and  was  responsible  for 
gaining  Quova’s  backing  to  support  the  start-up 
through  a  technology-licensing  arrangement. 

Funding:  $7.5  million  from  Foundation 
Capital. 

Customers:  One  Credit  Union,  Digital  Federal 
Credit  Union. 

Metaforic 

Founded:  2006 

Headquarters:  San  Jose  in  the  United  States, 
and  Glasgow, Scotland,  in  Europe. 

See  Security,  page  22 
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GIVE  YOUR  DATA’S 

A  CONTINGENCY  PLAN. 
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Xeon 
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Powerful. 

Efficient. 
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IBM  System  x3350  Express 


OR  $23/  MONTH  FOR  36  MONTHS' 


The  more  valuable  your  data,  the  more  you  need  to  protect  it. 
Redundancy  is  critical.  Like  in  the  IBM  System  x3350™  Express 
It  comes  with  integrated  RAID.  Can  our  competitors  say  that? 
So  if  there’s  ever  an  unexpected  problem  on  one  drive,  your 
business  can  keep  running.  Because  the  data  you  need  is 
available  in  another  location.  Anytime  you  need  it.  Smart  plan. 

From  the  people  and  Business  Partners  of  IBM. 

It’s  innovation  made  easy. 


HELP  KEEP  YOUR  DATA  SAFE  AND  ACCESSIBLE. 


PN:  4192E1U _ 

Featuring  Intel*  Xeon*  Processor  (up  to  3.0  GHz/6  MB/1333  MHz) 

Predictive  Failure  Analysis  and  Light  Path  Diagnostics,  redundant, 
hot-swappable  power  supplies  and  fans  and  up  to  4  hard  disk  drives 

Comes  with  a  1  -year  or  3-year  customer  replaceable  unit  and  on-site 
limited  warranty2 


IBM  SYSTEM  x3650  EXPRESS 

$5,409 

OR  $139/  MONTH  FOR  36  MONTHS’ 


PN:  7979EVU 

Featuring  up  to  two  Intel*  Xeon"  Processors  x5355 _ 

Hot-swap  redundant  cooling,  power  and  hard  disk  drives  for  high  availability 
Comes  with  a  3-year  on-site  limited  warranty2  on  parts  and  labor 


IBM  SYSTEM  STORAGE 
DS3400  EXPRESS 

$4,319 

OR  $111/  MONTH  FOR  36  MONTHS’ 

PN:  172641 E _ 

External  Disk  Storage  with  1  Gbps  Fibre  Channel  interface  technology 
Built-in  reliability  features  with  dual-redundant  power  supplies  standard 


IBM  EXPRESS  “BUNDLE  AND  SAVE” 

We  bundle  our  Express  systems  to  give  you  the  accessories 
you  need  -  while  saving  you  money  on  the  hardware  you  want. 
Act  now.  Available  through  ibm.com  and  IBM  Business  Partners. 


=  i£  ~=  express 
:§:=—:=?=:  advantage 


ibm.com/systems/safedata 
1  866-872-3902  (mention  6N8AH09A) 


1.  IBM  Global  Financing  offerings  are  provided  through  IBM  Credit  LLC  in  the  United  States  and  other  IBM  subsidiaries  and  divisions  worldwide  to  qualified  commercial  and  government  customers.  Monthly  payments  provided  are  tor  planning 
purposes  only  and  may  vary  based  on  your  credit  and  other  factors.  Lease  otter  provided  is  based  on  an  FMV  lease  ot  36  monthly  payments.  Other  restrictions  may  apply.  Rates  and  offerings  are  subject  lo  change,  extension  or  withdrawal  without  notice. 

2.  IBM  hardware  products  are  manufactured  Irom  new  parts,  or  new  and  serviceable  used  parts.  Regardless,  our  warranty  terms  apply.  For  a  copy  ot  applicable  product  wananties,  visit:  ibm.com/servers/supportAnachine_warianties  or  write  to:  Warranty 
Information,  P.0  Box  12195.  RTF’  NC  27709.  Attn:  Dept  JDJA/B203  IBM  makes  no  representation  or  warranty  regarding  third-party  products  or  services,  including  those  designated  as  ServerProven*  or  ClusterProven*  Telephone  support  may  be  subject 
to  additional  charges.  For  on-site  labor,  IBM  will  attempt  to  diagnose  and  resolve  the  problem  remotely  before  sending  a  technician.  On-site  warranty  is  available  only  for  selected  components.  Optional  same-day  service  response  is  available  on  [select] 
systems  at  an  additional  charge. 

IBM,  the  IBM  logo,  IBM  Express  Advantage,  System  x  and  System  Storage  are  trademarks  of  Inter  national  Business  Machines  Corporation  in  fire  United  States  and/or  other  countries.  For  a  complete  list  ot  IBM  trademarks,  see  wvw  ibni.com/teaal/coDvtiade.slitrrtl 
Intel  and  Xeon  are  registered  trademarks  ot  Intel  Corporation.  All  other  products  may  be  trademarks  or  registered  trademarks  of  their  respective  companies.  All  prices  and  savings  estimates  are  based  upon  IBM's  estimated  retail  selling  prices  as  of  8/20/06 
Prices  and  actual  savings  may  vary  according  to  configuration.  Resellers  set  their  own  prices,  so  reseller  prices  and  actual  savings  to  end  users  may  vary.  Products  are  subject  to  availability.  This  document  was  developed  for  offerings  in  ttie  United  States, 
IBM  may  not  otter  the  products,  features,  or  services  discussed  in  this  document  in  other  countries.  Prices  are  subject  to  change  wittiout  notice.  Starting  price  may  riot  include  a  hard  drive,  operating  system  or  other  features.  Contact  your  IBM  representative 
or  IBM  Business  Partner  for  the  most  current  pricing  in  your  geographic  area.  ©2008  IBM  Corporation.  All  rights  reserved 
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Security 

continued  from  page  20 

What  the  company  offers:  MetaFortress  is 
software  designed  to  prevent  tampering,  piracy 
and  theft  of  applications  through  use  of  a  digi¬ 
tal-hash  checksum-based  mechanism.  When  it 
detects  software  has  been  altered,  it  can  either 
kill  the  process  to  eject  the  attacker,  shut  down 
the  application  or  take  other  actions. 

Why  it’s  worth  watching:  Optimally, 
MetaFortress  should  be  incorporated  into 
development  environments  such  as  Visual 
Studio  to  be  installed  into  applications.  With 
piracy  still  a  huge  drain  on  the  software  indus¬ 
try  it  may  look  at  MetaFortress  as  a  means  to 
thwart  theft. 

How  company  got  its  start:  Both  from 
Scotland,  Andrew  McLennan,  CEO,  and  Linda 
MacKellar,  COO,  founded  Metaforic,  which  has 
15  employees,  to  commercialize  technology 
from  a  five-year  research  project  funded  by  the 
Scottish  government.  Neil  Stewart  is  CTO.  The 
three  had  worked  together  at  games  develop¬ 
ers  Slam  games  and  Steel  Monkeys,  where  they 
worked  with  Hasbro  and  Microsoft. 

How  company  got  its  name:  A  metaphor  for 
good  security  by  building  the  antipiracy  pro¬ 
tection  into  the  application  itself. 

CEO:  McLennan  says  he  needed  to  establish 
a  beachhead  in  Silicon  Valley  this  fall  in  order 
to  introduce  the  advantages  of  using 
MetaFortress  to  the  high-tech  industry 

Funding:  $10  million,  including  Pentech  ven¬ 
tures  and  the  Scottish  Co-Investment  Fund. 

Customers:  Not  yet  announced. 

nexTier  Networks 

Founded:  2007 

Headquarters:  Santa  Clara,  Calif. 

What  the  company  offers:  Data-leak  preven¬ 
tion  via  an  appliance  called  Information 
Search  and  Security 

How  company  got  its  start:  Tarique  Mustafa, 
founder  and  CEO,  says  nexTier’s  technology 
has  its  roots  in  artificial-intelligence  research 
he  did  as  a  graduate  student  at  the  University 
of  Southern  California. 

How  company  got  its  name:  Mustafa  com¬ 
bined  the  word  “next”  with  “frontier,”  because 
he  regards  effective  DLP  as  security’s  next 
frontier. 

CEO:  Mustafa  also  founded  Network  Utilities, 
served  as  principal  architect  at  Nevis 
Networks,  and  held  technical  positions  at 
Symantec,  DHL  Airways  and  MCI  WorldCom. 

Funding:  $2  million  from  Ecosystems 
Ventures,  Archimedes  Capital 

Customers:  None  announced,  but  said  to  be 
in  trials  at  several  Fortune  1000  companies. 

NovaShield 

Founded: 2006 

Headquarters:  Madison,  Wis. 

What  the  company  offers:  NovaShield  behav¬ 
ior-based  detection  software  to  catch,  quaran¬ 
tine  and  eradicate  malware. 

How  company  got  its  start:  Co-founders 


Somesh  Jha,  chief  scientist,  and  Praveen  Sinha, 
CEO,  were  involved  in  research  and  academics 
at  the  University  of  Wisconsin,  and  developed 
what  they  say  is  a  way  to  detect  and  block  mali¬ 
cious  drive-by  downloads.  The  first  version  of 
the  Windows-based  NovaShield  software  was 
released  in  its  commercial  form  earlier  this 
year. 

How  company  got  its  name:  It  was  simple, 
and  gets  across  the  idea  of  creating  a  shield 
against  malware. 

CEO:  Sinha  previously  co-founded 

Ultra  Visual  Medical  Systems,  which  merged 
with  Emageon  in  2003.  He  was  also  product 
manager  at  ADAC  Labs,  and  his  academic 
accomplishments  include  a  Ph.D  in  physics,  a 
master’s  degree  in  computer  science  and  an 
M.B.A. 

Funding:  $4.7  million  from  angel  investors 
and  $200,000  in  small  tech-business  funding 
from  the  NSF 

Customers:  None  announced. 

Packet  Analytics 

Founded: 2007 

Headquarters:  Santa  Fe,  N.M. 

What  the  company  offers:  The  Network 
Forensics  Search  Engine  is  Linux-based  soft¬ 
ware  that  provides  a  Web  interface  for  network 
managers  to  see  an  analytical  profile  of  host-to- 
host  activity  based  on  NetFlow  router  data  and 
other  log  information  related  to  an  organiza¬ 
tion’s  security  systems.  It  is  adopting  an  open 
source  strategy  early  next  year. 

Why  it’s  worth  watching:  Packet  Analytics, 
which  regards  Splunk  and  LogLogic  as  com¬ 
petitors,  designed  its  tool  to  sift  through  volu¬ 
minous  amounts  of  NetFlow  data  to  help  deter¬ 
mine  the  context  of  how  a  compromise  may 
have  occurred. 

How  company  got  its  start:  Co-founders  Ben 
Uphoff  and  Paul  Criscuolo  were  technical  staff 
members  at  Lawrence  Livermore  National  Lab 
when  they  developed  the  Net/FSE  in  response 
to  requests  from  the  FBI  to  provide  detail  on 
network  activity  based  on  a  list  of  IP  addresses 
related  to  possible  security  problems. 

How  company  got  its  name:  Pretty  simple  — 
the  product  performs  analysis  on  network 
packets. 

CEO:  Andy  Alsop  has  had  management  stints 
at  Panorama  Point,  Lucent  Technologies,  the 
Georgia  O’Keefe  Museum  and  Cowboy  & 
Indians  Magazine. 

Funding:  $100,000  from  Los  Alamos  National 
Lab  Venture  Acceleration  Fund,  plus  $100,000 
from  Flywheel  Ventures  and  an  undisclosed 
angel  investor. 

Customers:  Los  Alamos  National  Bank 

Purewire 

Founded:  2007 

Headquarters:  Atlanta 

What  the  company  offers:  The  Purewire 
Gateway  managed  security  service  protects 
enterprise  users  from  being  victimized  by  mali¬ 
cious-code  attacks  while  surfing  the  Web. 

Why  it’s  worth  watching:  Managed  security 


services  are  gaining  in  popularity,  but  there 
are  few  today  that  act  as  secure  Web  gateway 
services. 

How  company  got  its  start:  Co-founders  Mike 
Bruinisse,  president  and  COO;  Phul  Judge, CTO; 
and  Mark  Caldwell,  vice  president  of  sales, 
were  formerly  executives  at  messaging-security 
firm  Ciphertrust,  acquired  by  Secure 
Computing  two  years  ago. They  saw  an  oppor¬ 
tunity  in  providing  Web  security  as  a  service. 

How  company  got  its  name:  Purewire 
expresses  the  idea  of  providing  business  users 
with  a  connection  to  the  Internet  free  of  mal¬ 
ware  during  Web  use. 

CEO:  Steve  Raber  was  formerly  president  and 
CEO  at  CipherTrust,  and  his  25-year  career 
includes  managing  director  at  iGate  Capital, 
vice  president  and  general  manager  of 
Compaq’s  global  professional  services,  and  18 
years  with  IBM. 

Funding:  $1.75  million  from  its  co-founders 
and  angel  investors,  and  $2  million  from  other 
sources,  including  Imlay  Investments,  and  $1 
million  from  InterSouth  Partners  and  the  State 
of  Georgia  Seed  Fund. 

Customers:  Technical  College  System  of 
Georgia,  the  state  agency  responsible  for  over¬ 
seeing  the  state’s  technical  colleges  and  adult- 
education  programs, SI  Corp,  Peachtree  bene¬ 
fits  and  Tabletop  Media. 

Rohati  Systems 

Founded:  2006 

Headquarters:  Sunnyvale,  Calif. 

What  the  company  offers:  The  Transaction 
Networking  System  (TNS)  appliance  for  net¬ 
work-based  entitlement  control  via  Layer  7 
access-control  lists  to  guard  user  access  to 
applications. 

Why  it’s  worth  watching:  Designed  by  former 
Cisco  engineers,  TNS  aims  to  upend  the  tradi¬ 
tional  perimeter  firewall  through  its  own 
method  of  controlling  user  access  to  applica¬ 
tions  via  Layer  7  access-control  lists. 

How  company  got  its  name:  Co-founders 
Abhijit  Patra,  Prashant  Ganhi,  Anant  Thakar, 
Kirti  Prabhu  and  Nagaraj  Bagepalli  say  the 
word  “Rohati"  derives  from  the  Sanskrit  word 
for  “rise  up,  go  up,”  which  relates  to  how  TNS 
focuses  on  the  top  application  layer  in  the  OSI 
model. 

CEO:  Shane  Buckley  has  a  20-year  career  in 
the  high-tech  industry  that  includes  COO  at 
Nevis  Networks,  as  well  as  vice  president  of 
worldwide  operations  at  Juniper  Networks  and 
international  president  of  Peribit  Networks. 

Funding:  $22.6  million  from  Matrix  Partners 
and  Foundation  Capital 

Customers:  Staunton  City, Va.,  government 


ONLINE:  Security  products 

View  the  products  these  companies 
have  to  offer  in  a  slideshow. 
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Modular  power  just  grew  up. 


InfraStruMure 


OATA  CENTERS  ON  DEMAND 


*'ui 


The  Symmetra 
PX  250/500 
fits  anywhere, 
with  no  rear 
access  required. 
Scalable  In  25kW 
increments,  it 
boasts  a  96% 
efficiency  rating. 

(Shown  in  Line 
up  and  Match 
configuration  for 
5D0kWand6 
minutes  mndme.) 


Grow  in  bigger  increments 
with  the  Symmetra®  PX  250/500. 

Right-sized,  modular  power  -  the  key  to  virtualizing  with  true  efficiency! 

If  you  haven’t  already  virtualized  your  servers,  you’re  probably  seriously 
considering  it.  What  you  may  not  know  about  virtualization  is  this:  modular  power 
is  critical  to  maximizing  the  gains  made  through  virtualization  -  otherwise,  oversized 
power  simply  negates  the  efficiency  advances  you’ve  made. 

Now,  the  modular  power  you  know  from  our  acclaimed  Symmetra  PX  40/80  is 
more  flexible  than  ever  with  the  all-new  Symmetra  PX  250/500.  Featuring  modular 
power  in  larger  increments  of  25kW  up  to  500kW,  it  configures  in  parallel  up  to 
2  MW,  for  enterprises  with  consolidated  servers  that  are  experiencing  growth 
on  a  larger  scale. 

The  PDU  -  modular  power's  newest  frontier. 

In  addition  to  the  Symmetra  PX  250/500,  we  also  introduce  the  first  ever  fully 
modular  PDU.  Our  new  Modular  Power  Distribution  technology  brings  the 
right-sized  scalability  and  flexibility  you  need  when  virtualizing  to  the  power 
distribution  unit  -  right  down  to  the  rack  level.  Scaling  up  or  down  no  longer 
means  powering  down  -  or  attempting  to  forecast  future  use. 

Modular  power  -  for  maximizing  savings  from  virtualization. 

Start  saving  energy  today  by  virtualizing  -  but  not  without  these  flexible  advances 
in  modular  power  -  the  Symmetra  PX  250/500  and  APC’s  first  ever  Modular 
Power  Distribution  Unit. 


Modular  PDU 


■  Doubles  the  power  in 
half  the  floor  space 

’  60%  smaller,  so  material 
costs  are  reduced 

’  Built  in  advanced  alarms 
and  notification 


Distribution  Module  High  Efficiency  41 5V 


>  Plugs  directly 
into  RPP  and 
PDU  products 

>  Hot-swappable  and  safe 

•  Available  in  single  and  3-phase 


■  41 5V  of  power  means  higher  power 
density  in  a  smaller  footprint 

>  Step  down  and  conversion  rates 
provide  more  power  by  routing  at 
higher  voltage 

’  288kW  now  fits  in  12"! 


Principles  of  InfraStruXure 
High  Density-Ready  Architecture... 

1  Rack  enclosures  that  are  HD-Ready 

2  Metered  PDUs  at  the  rack  level 

3  Temperature  monitoring  in  the  racks 

4  Centralized  monitoring  software 

5  Operations  software  with  predictive  capacity 
management 

6  Efficient  InRow’  cooling  technology 

7  UPS  power  that  is  flexible  and  scalable 


Virtualization  can 
significantly  reduce 
IT  load,  resulting  in 
underloaded  power 
systems.  Improve  your 
efficiency  by  avoiding 
oversizing  and  by 
downsizing  at  the  time 
of  IT  consolidation  with 
our  modular  scalable 
architecture. 
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I  load 


Downsize,  but  expect  re-growth 
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the  green  grid' 


APC  is  proud  to  be  a  member  of  the  green  grid. 
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work  best  with  InfraStruXure  Solutions. 
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Go  to  www.xcompatible.com  to  learn  more. 


Download  a  FREE  copy  of  APC  White  Paper  #1 26:  "An  Improved 
Architecture  for  High-Efficiency,  High-Density  Data  Centers" 
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VoiceCon  message:  UC  can  save  you 


BY  TIM  GREENE 

SAN  FRANCISCO  — Vendors  at  VoiceCon  San 
Francisco  2008  pushed  a  message  that  unified 
communications  can  cut  operational  costs 
and  help  businesses  get  more  out  of  the  peo¬ 
ple  they  have. 

Both  Microsoft  and  IBM  executives  high¬ 
lighted  cost  savings  and  productivity  enhance¬ 
ment  during  their  keynote  addresses  with 
demonstrations  of  their  UC  prod¬ 
ucts.  Separately  Avaya  announced 
0%  financing  for  its  UC  gear  to 
enable  customers  “to  address  their 
business  communications  needs 
while  conserving  capital  during 
these  difficult  times.” 

They  made  a  good  pitch  for  sav¬ 
ings  and  productivity  and  poten¬ 
tial  customers  attending  the  show, 
if  not  in  desperate  straits,  said  they 
see  potential  economic  benefits  of 
UC.  (Despite  official  attendance 
figures  —  4,000  preregistered  — 
set  to  beat  last  year’s  conference, 
crowds  at  the  show  seemed 
sparse.) 

Most  attendees  interviewed  at 
the  show  said  they  are  taking  extra 
care  choosing  IT  projects  to  pur¬ 
sue  as  they  work  under  restricted 
budgets.  For  some,  UC  is  an  invest¬ 
ment  they  think  can  help  boost 
revenue  and  speed  up  business 
processes. 

For  instance,  Beckman  Coulter,  a 
$2.5  billion  biomedical  test  gear 
manufacturer  based  in  Fullerton, 

Calif.,  has  imposed  a  travel  freeze. 

That  boosts  the  priority  of  its  UC 
efforts,  says  Stephen  Campbell, 
director  of  network  services, 
because  despite  the  freeze,  the 
company’s  distributed  engineer¬ 
ing  staff  still  needs  to  consult  with 
each  other.  “Better  collaboration 
tools  have  been  on  the  road  map 
for  a  couple  of  years,’ ’he  said.“Now 
we’re  really  going  to  get  serious 
about  it.” 

The  company  has  to  find  something  besides 
face-to-face  meetings  as  a  substitute.The  only 
way  to  do  that  is  with  IX’ said  Campbell  who  is 
building  a  UC  infrastructure  around  Siemens 
gear. 

Others  attending  the  show  agree  that  UC 
can  help  cut  costs.  For  example,  Glenn  Smith, 
CEO  of  systems  integrator  UCS  Solutions  in 
Mountain  View,  Calif.,  said  he  urges  his  small- 
business  customers  to  adopt  one  key  ele¬ 
ment  of  UC  —  VoIP  —  as  a  way  to  save 
money. 

A  combination  of  DSL  lines,  IP  phones  and  a 
Switchvox  IP  PBX  can  cut  the  network  cost  of 


24  phones  from  $800  to  $500  per  month,  a  sav¬ 
ings  that  leads  to  a  rapid  return  on  investment. 
Plus,  with  employees  able  to  turn  home 
phones  into  work  extensions,  their  productivity 
increases,  Smith  said. 

These  benefits  can  be  reaped  even  without 
pulling  in  other  UC  elements  such  as  presence, 
instant  messaging,  collaboration  software,  con¬ 
ferencing  and  integration  of  communications 


with  business  applications. 

Gil  Chamaki,  IT  manager  for  processor 
maker  Tensilica  in  Santa  Clara,  Calif.,  said  ex¬ 
tending  UC  to  mobile  devices  would  give  his 
company’s  sales  force  an  edge.  E-mail,  calen¬ 
daring,  access  to  marketing  data  and  con¬ 
tacts  all  on  a  standardized  platform  would  be 
good  for  business.  “With  mobile  clients  they 
can  get  the  information  they  need  quickly  to 
seal  deals,”  he  said. 

Chamaki  was  just  shopping  at  the  show,  but 
said  the  benefits  would  also  extend  to  other 
departments  so  workers  could  do  more  from 
home  or  during  travel. 


More  UG  uses 

A  Shoretel  VoIP  customer  at  the  show  said 
unlikely  staff  members  are  clamoring  for  UC 
capabilities.  Tellers  at  Washington  State  Em¬ 
ployees  Credit  Union  use  IM  to  discretely  mes¬ 
sage  bank  officers  to  see  whether  to  override 
normal  bank  credit  rules  for  customers  at  their 
windows,  said  Tony  Hildesheim.vice  president 
of  IT  at  the  credit  union. 

Branch  receptionists  use  pres¬ 
ence  and  IM  to  find  the  best  avail¬ 
able  employee  to  handle  cus¬ 
tomers  as  they  come  in.  The  task, 
Hildesheim  said,  is  integrating 
business  applications  with  the 
communications  capabilities,  and 
that  is  something  the  applications 
developers  at  the  credit  union  are 
eager  to  start.“We’re  trying  to  keep 
the  developers  out  of  trying  to 
write  for  the  system  until  we’re 
done  with  it,”  he  said. 

Integrating  communications 
platforms  such  as  PBXs  with  UC 
platforms  also  was  a  theme 
among  vendors  making  an¬ 
nouncement  at  the  conference. 
Customers  that  have  invested  in 
VoIP  gear  from  one  vendor  can’t 
rip  it  all  out  to  blend  in  UC  soft¬ 
ware  from  another,  so  compatibil¬ 
ity  is  crucial,  said  Vanessa  Alvarez, 
an  analyst  with  Yankee  Group. 
“Openness  is  table  stakes.  Every¬ 
one  has  to  operate  in  a  multiven¬ 
dor  environment,” she  said. 

But  not  all  vendors  live  up  to  that 
claim,  said  Frank  Stinson,  an  ana¬ 
lyst  with  Intellicom  Analytics.  “All 
competitors  say  they  are  open,  but 
the  reality  is  different.” 

Among  vendors  making  an 
interoperability  effort  was  Object- 
world,  which  announced  its  UC 
server  works  with  Microsoft  Small 
Business  Server,  and  Essential 
Business  Server,  integrating  Micro¬ 
soft  VoIP  with  legacy  PBXs.  Dia¬ 
logic  announced  its  media  gate¬ 
ways  work  with  Siemens  OpenScape  Voice  and 
Enterprise  Communications  platforms,  tying 
the  IP  gear  to  legacy  PBXs. 

Mitel  announced  three  UC  clients  that 
work  with  Microsoft  and  IBM  UC  software 
and  have  programming  interfaces  to  blend 
communications  into  corporate  applica¬ 
tions.  A  new  mobile  client  supports  Sym¬ 
bian, Windows  Mobile  and  BlackBerry  oper¬ 
ating  systems. 

Avaya  in  collaboration  with  Mutare  Software 
and  SpinVox  also  announced  new  capabilities, 
including  speech-to-text  support  so  users  can 
read  their  voice  mails.  ■ 


Eaton  expertise  in  a  UPS. 

Uninterruptibility  from  Eaton®  is  an  iron-ciaci 
promise,  backed  by  a  $13B  giobal  organization  and 
a  century-long  heritage  with  power  protection, 
distribution  and  management  expertise.  That 
expertise  has  grown  to  include  the  Powerware® 
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Managed  LANs 

continued  from  page  18 

for  them." 

Patricia  Wilkey  director  of  global  desktop  and 
mobility  services  for  IT  and  business  process 
outsourcing  firm  EDS, says  much  of  the  growth 
that  her  company  has  seen  in  managed  LAN 
services  has  been  the  result  of  desktop  appli¬ 
cations  such  as  instant  messaging  becoming 
converged  with  network  management. 

“If  you  look  at  how  Exchange  ’07  works,  for 
instance, you  can  now  have  unified  messaging 
so  your  voice  messages  can  be  put  into  the 
Exchange  environment.  The  enter¬ 
prise  is  trying  to  really  harness 
these  productivity  gains  and  link 
them  to  unified  communications,” 
she  says. 

Increased  number  of  branch 
offices  also  a  big  driver 

Moving  all  applications  to  IP  is 
just  one  of  the  major  factors  dri¬ 
ving  managed  LAN  adoption.  As 
companies  invest  more  resources 
into  creating  branch  offices,  many 
of  them  are  looking  for  ways  to  cut 
down  on  the  number  of  IT  staff 
they  employ  So  instead  of  having 
an  entire  IT  department  dedicated 
to  managing  LANs  at  branch 
offices,  many  of  them  rely  on  third 
parties  and  consolidating  their 
expenditures.  Jim  Pazour,  a  net¬ 
work  supervisor  at  National  Ameri¬ 
can  University  says  that  his  net¬ 
work  has  to  support  about  6,000 
students,  in  addition  to  1,000  em¬ 
ployees  spread  across  17  loca¬ 
tions.  He  and  his  staff  cannot  man¬ 
age  all  the  minutiae  of  campus 
LANs  given  their  finite  resources. 

“We  need  someone  to  monitor 
and  maintain  these  LANs  24  hours 
a  day,  and  it  would  be  too  difficult 
for  us  to  troubleshoot  them  all  on 
our  own, "says  Pazour,  who  has  sub¬ 
scribed  to  Verizon  Business’  man¬ 
aged  LAN  services  for  the  past 
three  years.  “We  didn’t  want  to 
have  IT  staff  at  all  of  our  different 
locations.” 

The  key  to  successfully  imple¬ 
menting  managed  LAN  services  over  a  wide 
variety  of  locations,  Pazour  explains,  is  to  make 
sure  you  have  identical  network  layouts,  even  at 
remote  locations.  Once  you’ve  standardized 
the  network  layout,  you  can  go  to  the  managed 
LAN  vendor  and  ask  for  specific  models  of 
routers  and  switches  that  can  be  deployed 
identically  throughout  all  branch  locations,  he 
says.  John  Buxton,  who  serves  as  the  IT  director 
at  National  American  University  says  that  this 
cookie-cutter  approach  has  been  a  big  help  in 
integrating  voice,  data  and  video  applications, 
because  strategies  for  deploying  them  at  one 
location  will  work  at  the  other  locations  as  well. 


“We’ve  reduced  cost,  we’ve  increased  uptime 
and  we’ve  decreased  the  amount  of  labor  we 
need,”  he  says.  “It  was  a  win-win  situation.” 

As  companies  increasingly  rely  upon  geo¬ 
graphically  dispersed  locations,  many  of  them 
also  are  turning  more  toward  wireless  LANs  to 
deliver  services  to  their  workers.  Wilkey  notes 
that  the  advent  of  WLANs  is  sparking  more 
demand  for  managed  LAN  services,  because 
wireless  systems  require  greater  attention  to 
security  measures  than  wireline  systems  do. 
Additionally  she  says  that  wireless  networks 
present  much  different  design  changes  than 
wireline  networks,  which  means  that  many 


companies  may  feel  more  comfortable  con¬ 
sulting  with  an  established  carrier  or  service 
provider  to  design,  implement  and  manage 
their  WLANs  than  with  their  own  in-house 
operations. 

“The  biggest  challenge  comes  from  physical 
barriers  that  exist  within  your  environment.  If 
you’re  in  a  government  building  that  was  con¬ 
structed  with  a  lot  of  cinderblock,  for  instance, 
then  designing  the  network  properly  becomes 
critical  to  controlling  costs,”  he  says. 

Potential  drawbacks 

Managed  LAN  services  aren’t  for  everyone, 


however.  For  companies  that  require  immedi¬ 
ate  fixes  to  LAN  problems,  for  example,  having 
an  outside  party  manage  the  LAN  may  be  less 
than  ideal.  Pazour  says  that  while  Verizon 
Business  works  as  quickly  as  possible  to  fix 
problems  in  the  system,  it  still  takes  time  for  IT 
workers  on  his  staff  to  report  problems. 

“You  can’t  make  changes  on  the  fty’  he  says. 
“You  have  to  submit  a  trouble  ticket,  so  it  does 
create  some  delays.  In  a  way  it’s  a  bad  point, 
but  there  are  both  drawbacks  and  advantages 
to  it.  There’s  checks  and  balances  in  place  to 
make  sure  that  the  network  is  up  and  running.” 

Lazar  says  another  potential  downside  is  the 
complexity  of  negotiating  a  man¬ 
aged  LAN  contract,  as  companies 
have  to  cover  a  lot  of  bases  to  set 
parameters  for  both  service  quali¬ 
ty  and  application  management. 
Additionally  companies  with  a 
large  international  presence  might 
have  trouble  finding  one  man¬ 
aged  LAN  vendor  that  can  service 
branches  all  across  the  world,  and 
many  companies  will  likely  have 
to  go  with  more  than  one  vendor, 
he  says. 

“First  and  foremost,  companies 
should  cast  a  wide  net  and  look  at 
a  wide  variety  of  providers,”  he 
says.  “As  a  rule  during  negotia¬ 
tions,  you  want  to  tell  the  vendor 
everything  that’s  important  to  you, 
such  as  your  criteria  for  success. 
Obviously  if  the  provider  doesn’t 
know  how  to  handle  voice  ser¬ 
vices,  then  that’s  a  mismatch.” 

Finally  companies  should  think 
long  and  hard  about  whether  they 
need  to  have  a  carrier  manage 
their  LAN  for  them,  or  whether 
they  simply  need  a  good  LAN 
management  tool  that  they  can 
use  to  manage  the  LAN  them¬ 
selves.  Small  businesses  with  few 
branch  locations  and  relatively 
simple  LAN  demands  in  particular 
might  want  to  think  twice  before 
paying  an  outside  party  to  take 
over  their  LAN  management 
duties. 

Curt  Benton,  president  of  fine 
art  print  house  Pixel2Canvas  in 
Lake  Forrest,  Calif.,  uses  XRoads 
Networks’  Edge  WAN  and  Internet  Load 
Balancer  to  ensure  network  uptime  and  to  add 
incremental  bandwidth  during  peak  hours. 

“The  only  thing  we  really  needed  to  keep 
our  LAN  in  good  shape  was  a  tool  that 
would  supply  us  with  graphs  to  check  our 
bandwidth  to  ensure  things  are  running 
smoothly”  he  says.  “The  main  thing  is  that 
we’re  notified  in  the  event  where  one  of  our 
machines  is  infected,  which  we’re  able  to 
identify  by  looking  at  traffic  patterns.  Now 
we  have  a  lot  fewer  service  outages  and 
bandwidth  fluctuations,  which  is  really  all 
we  want  out  of  a  LAN.”B 


and  MGE  Office  Protection  Systems™  product 
families.  Today  the  Eaton  label  is  found  on  UPSs 
with  the  highest  efficiency,  smaiiest  footprint, 
lightest  weight,  and  easiest  installation  available 
to  help  you  meet  your  power  challenges — 
and  power  through. 
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Eight  reasons  tech  isn't  dead ...  yet 


BY  CAROLYN  DUFFY  MARSAN 

The  global  economy  is  in  bad  shape.  In  the 
last  two  months,  U.S.  consumers  have  stopped 
spending  money  on  discretionary  items,  in¬ 
cluding  electronic  gear,  prompting  last  week’s 
bankruptcy  filing  by  Circuit  City  Retailers  are 
worried  that  Black  Friday  will  indeed  be  black, 
as  holiday  shoppers  cut  back  on  spending 
and  choose  lower-priced  cell  phones  and 
notebook  computers. 

Yet  despite  all  of  the  bailouts  and  layoffs, 
most  IT  industry  experts  are  predicting  that 
sales  of  computer  hardware,  software  and  ser¬ 
vices  will  be  growing  at  a  healthy  clip  again 
within  18  months. 

Here’s  a  synopsis  of  what  experts  are  saying 
about  the  prognosis  for  the  tech  industry: 

1.  The  global  IT  market  is  still  growing,  al¬ 
though  barely. 

IDC  last  week  recast  its  projections  for  global 
IT  spending  in  2009,  forecasting  that  the  market 


will  grow  2.6%  next  year  instead  of  the  5.9%  pre¬ 
dicted  prior  to  the  financial  crisis.  In  the  United 
States,  IT  spending  will  eke  out  0.9%  growth. 

IDC  predicts  the  slowest  IT  markets  will  be 
the  United  States,  Japan  and  Western  Europe, 
which  all  will  experience  around  1%  growth. 
The  healthiest  economies  will  be  in  Central 
and  Eastern  Europe,  the  Middle  East, Africa  and 
Latin  America. 

Similarly  Gartner’s  worst-case  scenario  for 
2009  is  that  IT  spending  will  increase  2.3%, 
according  to  a  report  released  in  mid-October. 
Gartner  said  the  U.S.  tech  industry  will  be  flat. 
Hardest  hit  will  be  Europe,  where  IT  expendi¬ 
tures  are  expected  to  shrink  in  2009. 

“We  expect  a  gradual  recovery  throughout 
2010,  and  by  2011  we  should  be  back  into  a 
more  normal  kind  of  environment,”  says  IDC 
Analyst  Stephen  Minton. 

2.  It’s  not  as  bad  as  2001. 

Even  the  grimmest  predictions  for  global  IT 


spending  during  the  next  two  years  aren’t  as 
severe  as  the  declines  the  tech  industry  experi¬ 
enced  between  2001  and  2003. 

“Global  economic  problems  are  impacting 
IT  budgets,  however  the  IT  industry  will  not  see 
the  dramatic  reductions  that  were  seen  during 
the  dot.com  bust. . . .  At  that  time,  budgets  were 
slashed  from  mid-double-digit  growth  to  low- 
single-digit  growth,”  Gartner  said  in  a  statement. 

IDC’s  Minton  says  that  in  2001  many  compa¬ 
nies  had  unused  data  center  capacity,  excess 
network  bandwidth  and  software  applications 
that  weren’t  integrated  in  a  way  that  could 
drive  productivity 

“This  time  around,  none  of  that  is  true," 
Minton  says.  “Today  there  isn’t  a  glut  of  band¬ 
width.  There  is  high  utilization  of  software 
applications,  which  are  purchased  in  a  more 
modular  way  and  integrated  much  faster  into 
business  operations.  Unlike  in  2001,  companies 
aren’t  waking  up  to  find  that  they  should  be 
cutting  back  on  IT  spending.  They’re  only  cut¬ 
ting  back  on  new  initiatives.” 

3.  Consumers  won’t  give  up  their  cell  phones. 

They  may  lose  their  jobs  and  even  their 
homes,  but  consumers  seem  unwilling  to  dis¬ 
connect  their  cell  phones. 

“I  would  sleep  in  my  car  before  I  would  give 
up  my  mobile  phone,”  says  Yankee  Group 
Analyst  Carl  Howe.“Consumers  buy  services 
like  broadband  and  mobile  phones,  and  even 
if  they  lose  their  jobs  they  need  these  services 
more  than  ever” 

Yankee  Group  says  the  demand  for  network- 
based  services  will  overcome  the  short-term 
obstacles  posed  by  the  global  financial  crisis 
and  will  be  back  on  track  for  significant  growth 
by  2012. 

Yankee  Group  predicts  continued  strong 
sales  for  basic  mobile  phone  services  at  the 
low  end, as  well  as  high-end  services  such  as 
Apple  iPhones  and  Blackberry  Storms.  Where 
the  mobile  market  will  get  squeezed  is  in  the 
middle,  where  many  vendors  have  similar  fea¬ 
ture  sets.  One  advantage  for  mobile  carriers: 
they  have  two-year  contracts  locked  in. 

4.  Notebook  computers  are  still  hot. 

Worldwide  demand  for  notebooks  —  partic¬ 
ularly  the  sub-$500  models  —  has  been  strong 
all  year.  But  that  may  change  in  the  fourth  quar¬ 
ter  given  Intel’s  latest  warnings  about  flagging 
demand  for  its  processors. 

IDC  and  Gartner  reported  that  PC  shipments 
grew  15%  in  the  third  quarter  of  2008,  driven 
primarily  by  sales  of  low-cost  notebook  com¬ 
puters.  Altogether,  more  than  80  million  PCs 
were  shipped  during  the  third  quarter  of  2008, 
which  was  down  from  estimates  earlier  in  the 
year  but  still  represents  healthy  growth. 

The  big  unknown  is  what  will  happen  to 

See  Economy,  page  28 


How  the  heavyweights  are  faring 

Through  the  end  of  September,  many  key  IT  suppliers  were  still 
logging  revenue  gains  as  compared  with  year-ago  quarterly  numbers. 

COMPANY 

JANUARY-MARCH  REVENUE 

APRIL-JUNE  REVENUE 

JULY-SEPTEMBER  REVENUE 

Apple 

$7.51  B  t  42.8% 

$7,5B  t  38% 

$7.9B  t  27% 

AT&T 

$30. 7B  t  6.1% 

$30, 9 B  t  4.7% 

$31.3B  f  4% 

Cisco* 

$9.8B  t  10.4% 

$10.4B  t  10% 

$10. 3B  t  8.1% 

Comcast 

$8.39B  t  13.5% 

$8.6B  t  11% 

$8.55B  t  10% 

CSC 

$4.5B  t  11% 

$4.5B  t  11% 

$4.4B  t  16% 

Dell* 

$16.1  B  f  9% 

$16.4B  f  11% 

Expected  Nov.  20 

EDS 

$5,37B  t  3% 

$5.62B  f  3% 

EDS  was  acquired  by 

HP  on  Aug.  26,  2008 

EMC 

$3.47B  t  17% 

$3.7B  t  18% 

$3.7B  t  13% 

Google 

$5.19B  t  42% 

$5.37B  t  39% 

$5,54B  t  31% 

HP* 

$28. 5B  t  13% 

$28.3B  t  11% 

$28 B  t  10% 

IBM 

$24.6B  t  11% 

$26, 8B  t  13% 

$25. 3B  t  5% 

Intel 

$9.7B  t  9% 

$9.5B  t  9% 

$10. 2B  t  5% 

Microsoft 

$14.45B  No  change 

$15.84B  t  18% 

$15B  t  9% 

Motorola 

$7.45B  *  21% 

$8.1  B  4-  7% 

$7.5B  *  15.1% 

Oracle* 

$5.6B  t  21% 

$7.2B  t  24% 

$5.3B  t  18% 

Qwest 

$3.4B  *  1.4% 

$3.4Bl  2% 

$3.38B  4-  2% 

Sprint  Nextel 

$8B  i  9% 

$9. IB  i  11% 

$8.8B  *  12% 

Sun 

$3.27B  *  0.5  % 

$3.8B4'  1.4% 

$2.99B  *  7.1% 

Time  Warner 

$11.42B  No  change 

$11. 6B  t  5% 

$11. 7B  No  change 

Verizon 

$23.8B  t  5.5% 

$24.1  B  t  3.7% 

$24.8  billion  t  4% 

•OPERATES  ON  A  DIFFERENT  QUARTERLY  SCHEDULE 
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Novell  lays  out 
its  Red  Hat 
attack  plan 

BY  JOHN  FONTANA 

Novell  last  week  took  aim  at  rival  and  Linux 
market  leader  Red  Hat  with  a  migration  ser¬ 
vice  designed  to  help  move  Linux  users  onto 
Novell’s  Suse  enterprise  servers. 

The  SUSE  Linux  Enterprise  Server  (SLES) 
Subscription  with  Expanded  Support  pro¬ 
gram  is  a  three-year  contract  that  covers  sup¬ 
port  for  Red  Hat  or  CentOS,  a  Red  Hat  clone, 
during  the  first  two  years  of  the  deal. 

During  that  time,  Novell  will  provide  Red 
Hat  and  CentOS  server  users  with  binaries 
built  from  source  code  publicly  released  by 
Red  Hat  for  its  platform  and  technical  sup¬ 
port.  The  subscriptions,  which  include  two 
years  of  transition  support  and  three  years 
SLES  support,  are  similar  to  the  three-year  pri¬ 
ority  contracts  Novell  offers  on  its  own 
servers.  The  price  of  the  migration  subscrip¬ 
tion  is  $3,748  per  server. 

“Part  of  what  Novell  is  seeing  here  is  they 
think  they  can  go  after  some  of  these  cus¬ 
tomers  with  the  value  proposition  they  can 
offer,”  says  A1  Gillen,  an  analyst  at  IDC. 
“Frankly,  they  have  made  a  lot  of  acquisi¬ 
tions  to  fill  out  their  virtualization  and  vir¬ 
tualization  management  strategy.  In  fact, 
PlateSpin  has  been  a  really  big  one  for 
them  and  arguably  they  have  a  good  story 
to  tell  and  they  are  sensing  they  can  go  and 
tell  that  story” 

The  open  source  model  lets  Novell  take  the 
updates  Red  Hat  issues  for  its  own  platform 
and  re-package  those  for  distribution.  It  is  the 
same  model  CentOS  uses  to  create  its  clone 
of  the  Red  Hat  platform. 

In  contrast,  proprietary  software  vendors 
such  as  Microsoft  do  not  allow  third  parties  to 
redistribute  the  company’s  patches,  such  as 
the  two  released  last  week. 

“We  think  this  is  a  competitive  replacement 
program,” says  Justin  Steinman.vice  president 
of  solution  and  product  marketing.  “1  don’t 
think  Red  Hat  will  be  excited  about  this,  and 
I  wouldn’t  be  surprised  if  they  want  to  do 
their  own  version.” 

Such  replacement  programs  are  fairly  stan¬ 
dard  among  vendors  battling  for  similar  sets 
of  customers. 

Novell’s  migration  services  will  not  include 
rewriting  applications  or  tweaking  other  soft¬ 
ware  that  users  might  be  running  on  top  of 
Red  Hat  servers.  Novell’s  partners  will  offer 
migration  services  to  fill  those  needs  and  oth¬ 
ers  related  to  moving  workloads  to  SLES. 

Novell  has  been  informally  offering  the 
migration  contracts  as  one-off  contracts  to 
customers  moving  to  SLES.  The  migration 
subscriptions  are  available  now.  ■ 
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notebook  sales  during  the  holiday  season. 
Analysts  have  noted  sluggishness  in  U.S.  corpo¬ 
rate  PC  sales  this  fall  as  well  as  home  sales, 
where  most  demand  is  for  ultra-low-priced 
notebooks. 

“The  impact  will  come  this  quarter.  People 
will  be  looking  for  cheaper  products,”  IDC’s 
Minton  says. 

5.  Telecom  carriers  are  cutting  back,  but  not 
dramatically. 

The  biggest  U.S.  carriers  —  including  AT&T 
and  Verizon  —  are  in  better  shape  going  into 
this  recession  than  they  were  during  the  dot¬ 
com  bust.So  while  consumer  spending  will  fall 
in  2009,  it  is  expected  to  have  less  of  an  impact 
on  the  telecom  sector  than  it  did  after  2001. 

Yankee  Group  says  the  financial  crisis  will 
not  significantly  impact  network  build-outs  by 
carriers  because  most  of  the  financing  for  3G, 
FiOS,  WiMAX  and  other  next-generation  net¬ 
works  is  in  place. 

“These  are  multibillion-dollar  build-outs,  and 
most  of  the  financing  has  been  arranged 
months  if  not  years  in  advance,”  Yankee 
Group’s  Howe  says.“We  were  projecting  that  in 
2009  carriers  would  spend  over  $70  billion  on 
these  network  build-outs  in  the  U.S.  Now  we’re 
saying  that  there  will  be  $2  billion  or  $3  billion 
less  in  spending. . . .  We’re  talking  single-digit 
percentage  declines,  not  wholesale  cuts.” 

This  doesn’t  mean  that  the  network  industry 
will  emerge  from  the  chaos  unscathed. Carriers 
will  squeeze  their  equipment  providers,  and 
companies  like  Cisco  are  already  feeling  the 
pinch.  When  Cisco  announced  its  latest  earn¬ 
ings  a  few  weeks  ago,  CEO  John  Chambers  re¬ 
ported  the  company  had  seen  its  sales  shift 
from  solid-single-digit  growth  in  August  to  a  9% 
decline  in  October. 

Forrester  says  computer  and  communica¬ 
tions  equipment  vendors  will  bear  the  brunt  of 
IT  cost-cutting  from  enterprise  customers. 

6.  Corporate  data  storage  needs  keep  rising 
during  recessions. 

Every  segment  of  the  IT  market  is  weaker 
today  than  it  was  six  months  ago.  But  storage  is 
less  weak  than  others. 

“Storage  is  relatively  stable  because  of  the 
fact  that  companies  are  using  a  lot  more  of 
their  storage  capacity  and  they  are  still  deal¬ 
ing  with  an  increasing  amount  of  data  that  re¬ 
quires  storage  on  a  weekly  basis.  That’s  not 
going  to  change,”  IDC’s  Minton  says.  “It’s  not 
just  the  hardware,  but  the  storage  software 
that  will  be  relative  bright  spots  in  the  years 
ahead.” 

One  storage  industry  bellwether  is  EMC, 
which  continued  to  demonstrate  strong  de¬ 
mand  for  storage  hardware  and  software  in 
its  recent  quarterly  results.  EMC’s  revenue 
grew  13%  in  the  third  quarter  of  2008  com¬ 
pared  with  a  year  ago. 

Unlike  many  other  network  industry  lead¬ 


ers,  EMC  is  projecting  continued  revenue 
gains  in  the  fourth  quarter  of  2008. 

Similarly,  last  week  Brocade  issued  a  prelimi¬ 
nary  release  indicating  strong  sales  for  the 
quarter  ending  in  October. 

7.  New  IT  markets  will  continue  to  emerge, 
although  more  slowly. 

Emerging  economies  such  as  China  and 
Latin  America  are  slowing  down,  but  they  are 
still  expected  to  have  IT  sales  increases  in 
2009.The  Latin  American  market  is  a  solid  one 
for  IT  companies  such  as  IBM,  HP  and  Micro¬ 
soft,  which  have  a  strong  foothold  south  of  the 
border. 

“In  the  past  two  to  three  years,  Latin  America 
has  had  some  of  the  fastest  growth  rates  in  IT 
spending,”  IDC’s  Minton  says.  “Brazil  is  the 
biggest  market, and  it  has  been  growing  at  dou¬ 
ble  digits.  But  all  of  the  markets  in  Latin 
America  have  been  growing  by  more  than  10% 
a  year.  With  some  exceptions,  the  economies 
there  are  relatively  stable  and  have  had  less 
political  turmoil  than  in  the  past. . .  .This  is  one 
of  the  regions  that  we  think  will  bounce  back 
pretty  quickly’ 

Other  emerging  markets  that  are  predicted  to 
continue  to  post  growth  in  IT  spending  in  2009 
are  Central  and  Eastern  Europe,  the  Middle 
East  and  Africa,  IDC  predicts.  While  these  mar¬ 
kets  won’t  experience  double-digit  gains  next 
year,  they  will  help  offset  sharp  declines  in  IT 
purchasing  in  the  United  States,  Japan  and 
Western  Europe. 

One  issue  for  IT  vendors  is  the  rising  strength 
of  the  U.S.  dollar,  which  means  U.S.  tech  ven¬ 
dors  will  bring  home  fewer  dollars  from  their 
foreign  sales  when  they  convert  currencies. 

“The  dollar  has  been  strengthening  against 
every  currency  except  the  Chinese  currency 
says  Forrester  Research  Analyst  Andrew  Bar¬ 
tels.  “Even  if  a  vendor  is  successful  in  sales  in 
Brazil  or  Russia,  they  will  bring  back  fewer  dol¬ 
lars,  which  was  not  the  case  six  months  ago.” 

8.  Outsourcing  helps  companies  stretch  their 
IT  budgets. 

Many  companies  will  freeze  new  IT  initia¬ 
tives  for  the  next  three  to  six  months  as  they 
absorb  the  Wall  Street  crash.  But  one  segment 
that’s  likely  to  continue  is  IT  outsourcing  be¬ 
cause  it  provides  near-term  cost  reductions. 

“While  IT  outsourcing  will  benefit  from  an 
economic  slowdown  in  2008  as  companies 
turn  to  IT  outsourcing  vendors  to  help  cut 
costs,  trends  toward  use  of  lower-cost  offshore 
resources  and  smaller-scale  outsourcing  deals 
will  keep  growth  modest,”  says  Forrester 
Research. 

Forrester  predicts  IT  outsourcing  will  grow 
around  5%  in  2009  and  2010. 

“When  you  sign  an  outsourcing  agreement, 
you’re  locked  into  it  barring  going  out  of  busi¬ 
ness,”  Forrester’s  Bartels  says. 

On  the  horizon  is  cloud  computing,  which 
also  holds  the  promise  of  reducing  corporate 
IT  overhead  but  requires  more  up-front  spend¬ 
ing  than  outsourcing^ 
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For  the  election,  the 
answer  was  the  ’Net 


NET  INSIDER 

Scott  Bradner 


This  column  is  not  about  how  Barack 
Obama  used  the  Internet  to  win  the  elec¬ 
tion.  But  he  sure  did.  He  involved  and 
organized  hundreds  of  thousands  of  volun¬ 
teers  and  raised  hundreds  of  millions  of  dol¬ 
lars  using  the  Internet.  Obama  had  five  times 
as  many  videos  on  his  YouTube  channel  as 
John  McCain’s  did.  More  than  6  million  people 
have  viewed  Obama’s  speech  on  race  rela¬ 
tions,  and  viewing  time  on  YouTube  for 
Obama’s  official  videos  is  claimed  to  total  14.5 
million  hours.  Another  impressive  statistic  is 
that  the  Obama  campaign  scheduled  150,000 
events,  big  and  small,  through  the  Internet. 

This  column  is  actually  about  two  things:  the  press  apparently  being 
surprised  by  Obama’s  use  of  the  Internet;  and  speculation  on  what  the 
campaign  use  means  for  the  Internet  and  the  new  administration. 

The  press  certainly  has  figured  out  that  the  Obama  campaign  used 
the  Internet  more  and  better  than  anyone  has  before  and,  more  and 
better  than  the  McCain  campaign  did.  I  got  almost  40,000  hits  when 
searching  for  Obama  +  Internet  on  Google  news.  (A  search  for  the 
same  strings  in  the  Web  as  a  whole  gets  about  80  million  hits  on 
Google  and  402  million  on  Yahoo.) 

It  is  somewhat  amusing  reading  many  of  the  stories. The  reporters 
seem  to  be  trying  to  outdo  each 


wish  the  Obama 
team  success  but 
will  not  be  surprised 
if  openness  does  not 
come  easy.55 


other  saying  that  campaigns  have 
changed  forever  as  if  past  techno¬ 
logical  innovations  have  not 
impacted  the  way  campaigns  are 
run.  I  guess  looking  back  is  hard 
if  history  is  not  your  beat. 

Whatever  the  Obama  campaign 
did  with  the  Internet.it  is  not  all 
that  unpredictable.  Much  of  it  was 
based  on  what  Howard  Dean 

started,  but  was  not  able  to  follow  through  on,  the  last  time  around. 
Much  of  the  rest  should  have  been  obvious  to  anyone  who  had  been 
observing  the  social  networking  sites,  such  as  Facebook,  over  the  last 
few  years.The  Obama  campaign  did  a  better  job  than  Dean  did  and 
used  a  few  more  tools,  but  I  would  hope  that  people  had  learned 
something  over  the  last  four  years.The  only  thing  surprising  is  how 
much  the  McCain  campaign  seemed  not  to  have  learned.  I  doubt 
that  the  next  round  of  our  quadrennial  national  food  fight  will  be  so 
one-sided  —  at  least  in  terms  of  Internet  use. 

It  is  more  interesting  to  speculate  what  the  Obama  campaign’s  use 
of  the  Internet  will  mean  to  the  Internet  in  an  Obama  administration 
and  to  the  administration  itself. 

The  most  likely  impacts  on  the  Internet  will  be  for  the  Obama 
administration  to  follow  through  with  its  top  technology  goals  of 
ensuring  network  neutrality  when  it  comes  to  U.S.  ISPs  and  to  ensure 
the  wide  availability  of  broadband. 

The  Obama  campaign  said  that  it  wanted  to  create  a  transparent 
and  connected  democracy  This  will  be  hard  to  do.  A  lot  of  the  gov¬ 
ernment  bureaucracy  will  have  to  learn  entirely  new  ways  of  operat¬ 
ing  because  they  have  been  operating  so  long  under  what  many 
observers  consider  the  most  obsessively  secret  administration  in  U.S. 
history  I  wish  the  Obama  team  success  but  will  not  be  surprised  if 
openness  does  not  come  easy 

Disclaimer:  Easy  is  not  the  main  goal  for  much  of  what  goes  on  at 
Harvard  —  competence  is  more  important.  But  I’ve  not  seen  any  uni¬ 
versity  opinions  on  the  ease  of  running  an  open  administration,  so 
the  above  support  and  good  wishes  are  mine. 


Bradner  is  Harvard  University's  technology  security  officer.  He  can  be 
reached  at  sob@sobco.com. 


MAXAttach 


IP 


Superior  SIP-based  VoIP 
Conferencing  Solutions 


S  Better  audio  performance 
S  Better  room  coverge 
V  Better  price 


30  •  NOVEMBER  17-24,  2008  •www.networkworld.com 


■n  THE  CDW  TECHNOLOGY 
W  STIMULUS  PACKAGE 

BECAUSE  NETWORK 
INTRUDERS  DON'T  CARE 
WHAT  YOUR  BUDGET  IS. 


$35 

INSTANT  SAVINGS3 


CDW  973450 


CDW  1555401 


CDW  1385102 


SonicWALL®  Network  Security 
Appliance  (NSA)  3500 


WatchGuard®  Firebox® 
x1250e  Core  UTM  Bundle 


NETGEAR  ProSafe  ”  Wireless-N 
VPN  Firewall 


Multi  core  network  security  appliance  with 
real-time,  deep  packet  inspection  firewall 


Includes  appliance  and  1  -year  subscription  to 
Gateway  AntiVirus/Intrusion  Prevention  Service 


$3394  (V^atchGuard 


$4562" 


Provides  SSL  and  IPSec  for  an  optimal, 
secure  connection  to  your  network 


$310" 


Times  are  tough  and  budgets  may  not  be  what  they  used  to  be.  That's  why  CDW  is  offering  a  stimulus  package  to  help  keep 
your  business  moving.  From  savings  on  top-name  technology  products  to  helpful  advice  on  ways  to  optimize  IT,  CDW  has  the 
best  deals  to  help  you  stay  the  course  and  even  get  ahead  of  the  competition.  Visit  CDW.com/bestdeals  today  and  infuse  your 
business  with  the  right  technology  at  the  right  price. 


CALL  CDW  AND  START  SAVING  TODAY! 


CDW.com/bestdeals  800.652 .4CDW  The  Right  Technology.  Right 

■'  T  :■  1  /<!  ' 

'  •  L  ■  :  :y<  ■  / 

'Receive  one  FREE  SSI  VPN  Appliance  with  any  SonicWALE  NSA  purchase;  offer  valid  through  12/15/08.  Call  your  CDW  account  mhnager  for  details.  -Buy  one  WatchGuard  Firebox  x1250e  Core  UTM  Bundle  fe^fc 
second  bundle  lor  50%  off;  offer  valid  through  12/31/08  or  while  supplies  last.  Call  your  CDW  account  manager  for  details.  Advertised  price  reflects  S35  instant  savings;  offer  valid  through  12/31/06  or  while  sufiplijK 
account  manager  for  details  Offer  subiecl  to  CDW  s  standard  terms  and  ronditions  of  sale,  available  at  CDW.com.  ©2008  CDW  Corporation  ■  ! 


FREE  SSL  VPN  APPLIANCE 
WITH  PURCHASE1 


BUY  ONE  BUNDLE,  GET 
THE  SECOND  50%  OFF2 


pfoOQOOOGQf 


Get  your  website  online 
today!  Whether  you're  creat- 
ing  your  first  website,  or  you're 
a  web  professional,  we  offer  web 
hosting  packages  for  every  skill  level 
and  budget.  Our  entry  level  packages 
start  at  just  $3.99  per  month. 


Attract  attention  with  'M 
a  personalized  domain! 

With  l&l's  all-in-1  domain 
packages,  you're  not  only  get-  1 
ting  a  domain,  but  also  a  5-page 
starter  website  builder  and  privacy 
protection.  Private  registration  is  included  for  FREE 
with  all  plans.  Prices  start  at  just  $8.99/year. 


Theodore's  Pieyele  World 
WwM?  '  WrSpAr '  'T&4yYoBf 

Z"  Check  out  my 

Z-?,  ■■Br  new  h|ke  rePa,r  ^ 

&  FAQ  blog' 


font  far  year  not  UM*y* 
tovfti  Laki  Tahoe' i  Mtyalt  fr» 

Mor»  mloiTnttton?  CluA  toss. 


. . . 


^/wvv 

Up  to  a 

$5  credit! 


$50  credit! 


WEB  HOSTING 


DOMAINS 


C.ipat'ililk's 
of  custom 
laser  euKini; 


‘Credit  amount  dependent  on  package  selected,  and  a  minimum  contract  term  may  apply.  Credit  cannot  be  redeemed  for  cash.  Visit  www.1and1.com  to  view  all  applicable  fees  and  full  promotional  offer  details,  terms  and 
conditions.  Product  and  program  specifications,  availability  and  prices  subject  to  change  without  notice.  )&1  and  the  1&1  logo  are  trademarks  of  1&1  Internet  AG,  all  other  trademarks  are  the  property  of  their  respective  owners. 

©  2008  1&1  Internet,  Inc.  All  rights  reserved 


united 


AE  77665544  B 


£5  w~ri 


E5 


Build  your  own  eCommerce  ^ 
website!  1&1  eShopsarea 
simplified  eCommerce  solution.  ^ 

Use  the  Setup  Wizard  to  build  your  B 
shop  using  customizable  design 
templates,  traffic  boosting  tools,  and 
multiple  payment  options  that  suit  your  business  and  ensure  your 
transactions  are  safe  and  secure.  Prices  start  at  $9.99  per  month. 


NEW:  1&1  Premium  ^ 

Servers!  Our  new  ^ 

servers  with  Quad-Core 
AMD  Opteron™  Processors 
give  you  ultimate  processing 
performance,  cutting-edge,  energy 
efficient  technology  and  unparalleled 
reliability.  Starting  at  $99.99  per  month 


:  A£77S€5Sn4  ® 


AE776SS544B 

E5 


EE  OpOOOOOd'  T 


*E776655H4B 


Hmdoaital  U.wy  Soaps  Y'f'- 
Male  with  Pute  Mawr1 


compatible 

application 


PayPal 


As  the  world's  largest  web  hosting  provider, 
with  more  than  5  million  hosted  websites,  we 
are  committed  to  providing  our  customers  with 
the  progressive  tools  needed  to  develop  and 
maintain  an  innovative  web  presence. 


["*  Get  a  credit  L 
of  up  to  $300  just 
for  signing  up!* 


With  20  years  of  experience,  1&1  is  dedicated 
to  security,  innovation  and  value  when  it  comes 
to  your  website.  As  a  1&1  customer,  you  are  not 
only  assured  your  website  is  up  and  secure,  but 
we  also  equip  you  with  marketing  and  communi 
cation  features  to  achieve  success  on  the  web. 


l^V\A/W^ 


1  Up  to  a 

$150  credit! 


^  Up  to  a  " 
$300  credit! 


3  E-COMMERCE 


AMD 

Opteron 


www.1and1.com 


Service-level  agreements  are  no  longer  enough 


Longtime  readers  know  I’m  a  fanatic  about 
service-level  agreements.  I  regularly  advise 
clients  about  SLA  best  practices,  negotia¬ 
tion  and  enforcement  strategies.  And  we  talk 
often  about  how  to  develop  service-level  man¬ 
agement  and  monitoring  infrastructure  that 
ensures  that  carriers  live  up  to  their  promises. 

But  all  that’s  old  school  in  a  world  where 
service  providers  are  essentially  just  band¬ 
width  providers.  What  happens  as  providers 
move  from  bandwidth  providers  to  applica¬ 
tion  providers?  That  is,  when  the  service 
provider  isn’t  just  generating  bits  on  a  wire, 
but  is  delivering  applications,  storage  and 
computing  services  from  the  cloud? 

A  couple  of  things  change  in  this  new  scenario.  First,  SLAs  neces¬ 
sarily  evolve  from  simple  infrastructure  metrics  (latency,  jitter, 
packet  loss)  to  application-level  metrics  (application  availability, 
response  time).  Second,  monitoring  and  measurement  needs  to  be 
far  more  comprehensive. 

Let’s  say  you’re  relying  on  a  hosting  provider  to  deliver  a  key 
application. You  should  be  able  to  track  server  availability,  applica¬ 
tion  performance,  storage  availability  and  network  performance 
—  not  just  router  uptime.  And  if  the  application  is  hosted  on  a  vir¬ 
tualized  server,  this  can  be  mighty  complex. 

Finally,  there  aren’t  the  same  built-in  upper 
limits  with  application  services  as  with  net¬ 
work  services.  If  you  purchase  T-l  access  to 
MPLS, you’ll  never  use  more  than  aT-l’s 
worth  of  bandwidth.  But  if  you  purchase 
access  to  an  application,  users  may  con¬ 
sume  more  CPU  cycles  than  anticipated  — 
and  service  consumption  (and  costs)  will 


skyrocket. 

The  upshot?  As  services  evolve,  SLA  best  practices  need  to 
change,  too.  A  key  component  that  emerges  as  part  of  SLA  man¬ 
agement  is  the  notion  of  policy  management  and  orchestration. 
Providers  and  their  customers  need  to  be  able  to  manage  and 
monitor  a  broad  range  of  physical  infrastructure,  and  seamlessly 
integrate  that  into  a  provisioning  and  billing  system. They  also 
need  the  ability  to  perform  trend  analysis  and  predictive  model¬ 
ing,  to  anticipate  surges  (or  decreases)  in  demand. 

I’m  intrigued  by  a  service  offering  being  rolled  out  by  BT 
Innovate  (the  arm  of  the  British  Telco  that  includes  the  research 
labs,  among  other  things).  Called  Total  ICT  Orchestration,  the  man¬ 
agement  solution  provides  dynamic  allocation  of  end-to-end  net¬ 
work  and  IT  resources  based  on  SLAs  (and  ultimately,  business  pri¬ 
orities).  It  also  will  include  a  policy  manager,  which  includes  a 
master  control  system  that  connects  all  the  resource  objects  and 
provides  operational  umbrella  over  the  top. The  service  works  in 
conjunction  with  BT’s  managed  network, storage  and  virtualized 
computing  offerings  —  essentially  enabling  the  carrier  to  provi¬ 
sion,  manage  and  deliver  an  application  end-to-end. 

Not  all  of  this  is  new  —  plenty  of  providers  are  moving  to  a  cloud 
computing  model  (storage  in  the  cloud,  computing  in  the  cloud, 
applications  in  the  cloud). What’s  unique  about  BT’s  approach  —  so 
far  as  I  can  tell  —  is  that  it  focuses  on  a  part  of  the  problem  that 
most  services  don’t:  the  provisioning,  management  and  policy  As  IT 

departments  move  increasingly  towards  soft- 
ware-as-a-service,  this  is  something  they’ll 
have  to  keep  in  mind. 

Johnson  is  president  and  senior  founding 
partner  at  Nemertes  Research,  an  independent 
technology  research  firm.  She  can  be  reached  at 
johna@nemertes.  com. 
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Getting  a  handle  on  open  source 


TECH  UPDATE 

An  inside  look  at  technologies  and  standards 


BY  STEVEN  GRANDCHAMP 

Whether  they  know  it  or  not, almost  all  enterprises  have  open  source 
technologies  installed.With  hundreds  of  thousands  of  open  source 
projects  floating  around  —  and  that  are  derived  from  countless 
pieces  of  source  code  that  are  subject  to  any  number  of  licenses  —  it’s 
imperative  companies  implement  governance  measures  to  control  legal 
and  operational  risks. 


The  goal  is  to  put  policies,  systems  and 
processes  in  place  to  ensure  a  reasonable 
standard  of  care  for  the  use  of  open  source 
software.  Companies  also  can  put  governance 
solutions  in  place  that  allow  them  to  inventory 
their  open  source  use,  implement  policies, 
automate  approval  processes,  track  and  audit 
deployment,  and  ensure  compliance  with 
licenses. 

A  critical  component  of  open  source  gover¬ 
nance  is  that  an  enterprise  understand  which 
open  source  software  it  is  using  and  where. 
Besides  helping  a  company  ascertain  legal 
risk,  understanding  “what  and  where”  is  critical 
when  systems  go  down,  security  vulnerabili¬ 
ties  are  uncovered  or  legal  actions  occur. 

Surprisingly,  most  enterprises  do  not  have  a 
handle  on  how  much  open  source  they  use. 
Some  open  source  technologies  are  widely 
used  by  companies  of  all  sizes,  but  other 
packages  are  downloaded  by  developers, 
bypassing  standard  procurement  processes 
and  controls.  In  addition,  some  tools  often  are 
deployed  without  the  company’s  knowledge 
because  they  are  bundled  with  other  pack¬ 
ages  the  developer  wants. 

In  fact,  these  programs  can  contain  dozens 
of  other  open  source  components,  making  it 


difficult  to  assess  which  software  is  being  used 
and  which  licenses  are  involved.  Creating  a 
baseline  for  an  inventory  is  a  key  step  in  gov¬ 
ernance.  This  will  help  an  enterprise  identify 
actions  needed  to  mitigate  legal  risks  and  plan 
for  the  use,  support  and  updating  of  open 
source  components. 

The  license  conundrum 

Although  open  source  is  freely  download¬ 
able,  each  project  comes  with  a  license  that 
governs  the  conditions  of  use.  In  fact,  there  are 
more  than  50  OSI-approved  open  source 
licenses,  thousands  of  variations  on  those 
licenses  and  a  huge  number  of  unapproved, 
one-off  licenses.  Although  much  of  the  discus¬ 
sion  about  open  source  licensing  revolves 
around  GPL  licenses,  other  licenses  are  much 
more  common  in  the  software  enterprises  use. 

Unlike  the  situation  with  commercial  soft¬ 
ware,  the  user  of  downloaded  open  source 
software  has  to  research  which  license  ap¬ 
plies.  In  many  cases  there  may  be  multiple 
licenses  because  of  bundled  code,  and  often 
the  licenses  are  not  clearly  enumerated.  It 
requires  due  diligence  to  uncover  all  that 
apply  In  addition,  some  licenses  may  have 
conflicting  obligations,  even  if  they  serve  com¬ 


ponents  of  a  single  application. 

Once  a  company  knows  which  open  source 
tools  it  has,  it  needs  to  define  and  implement 
policies  that  govern  their  use.  These  policies 
should  define  the  parameters  and  rules  under 
which  the  organization  will  select,  use  and 
manage  open  source,  including  requirements 
for  certification  or  support,  which  licenses  are 
acceptable,  the  processes  and  criteria  by 
which  open  source  may  be  approved,  and 
guidelines  for  interaction  with  the  community 
For  example,  a  policy  might  define  whitelists 
of  pre-approved  open  source  tools  and  black¬ 
lists  of  forbidden  ones,  as  well  as  the  condi¬ 
tions  for  using  “greylist”  packages. 

The  management  of  license  approvals  can 
range  from  a  simple  e-mail  process  declaring 
what  is  being  used  to  something  more  sophis¬ 
ticated.  What’s  important  is  to  have  a  history  of 
what’s  being  used,  where  it’s  being  used  and 
what’s  been  approved.  As  these  approval 
processes  are  implemented  and  automated, 
they  will  become  part  of  standard  develop¬ 
ment  practices. 

One  goal  towards  which  an  enterprise 
should  work  is  a  complete  audit  trail  of  its 
open  source  tools.  If  there’s  no  record  of  the 
software  installed,  hunting  one  down 
becomes  much  more  difficult  and  expensive 
when  a  legal  or  production  issue  arises. 

First,  enterprises  need  to  track  open  source 
that  goes  through  the  designated  processes  — 
including  downloads  from  an  approved  repos¬ 
itory  and  the  history  of  approved  uses.  Even 
with  appropriate  policies  and  processes, some 
unapproved  software  may  slip  through  the 
cracks.  So,  enterprises  also  need  to  back  up 
their  efforts  with  periodic  checks  and  audits  to 
make  sure  everyone  is  following  the  rules.  An 
audit  allows  a  company  to  compare  open 
source  use  with  policy  and  approvals,  and 
look  for  red  flags. 

In  addition,  just  as  with  proprietary  software, 
a  company  should  make  sure  it  supports  open 
source,  controls  the  versions  in  use  and  man¬ 
ages  the  update  process.  Many  enterprises  say 
they  have  myriad  versions  of  a  single  open 
source  component,  and  they  are  often  unsure 
which  versions  are  running  where.  The  end 
result  can  have  an  impact  on  uptime,  effi¬ 
ciency  and  risk. 

Grandchamp  is  CEO  of  OpenLogic  ( www.op 
enlogic.com). 


This  vendor-written  tech  primer  has  been 
edited  by  Network  World  to  eliminate  prod¬ 
uct  promotion,  but  readers  should  note  it 
likely  will  favor  the  submitter’s  approach. 


Best  practices:  open  source  governance  processes 
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I  designed  the  foundations  of  DNS  25  years  ago  to  be  simple  and  modular. 
That’s  how  dozens  of  extensions  have  been  successfully  added  over  the  years  to,  for  example, 
integrate  DNS  with  DHCP,  route  VOIP  calls,  lookup  RFID  tags,  and  use  international  character  sets.  All  aspects 
of  the  DNS  are  larger  now.  The  email  that  needed  one  DNS  lookup  in  1983  now  needs  dozens  for  delivery  and 

spam  checking  -  not  to  mention  a  billion  or  so  new  public  and  private  domain  names. 

But  don’t  let  this  seeming  complexity  get  you  down. 


The  first  key  for  dealing  with  this  challenge  is  to  select  tools  that  have  been  tested, 
proven  and  use  the  same  simple  and  modular  approach.  That  way,  effort  in  one 
application  helps  another.  At  Nominum,  we  tested  our  ENUM  servers  to  be 
sure  that  they  could  handle  DNS  databases  that  had  millions  of 
separate  zones  and  billions  of  resource  records  and  still 
deliver  instant  server  restarts  and  still  deliver  industry-leading 
performance.  That  meant  that  when  a  huge  antispam 
database  application  came  our  way  we  knew 
there  was  no  scaling  issue. 

The  second  key  is  to  use  the  advanced  technology  to 
monitor  and  control  your  DNS  (and  DHCP)  systems. 
You  shouldn’t  expect  your  sysadmins  to  validate 
security  credentials  by  hand  or  learn  new  languages 
when  your  business  goes  international.  Human  error  is 
always  a  concern.  DNSStuff  uses  its  own  dedicated 
network  assets  to  monitor  your  DNS  systems  at  a  level 
of  detail  unmatched  by  other  tools,  then  it  uses  its 
proprietary  algorithms  to  give  you  the  most  specific 
results  and  actions  to  fix  any  problems.  When  new  DNS 
applications  and  extensions  are  added,  DNSStuff  tools 
are  there.  Not  all  DNS  tools  are  created  equal. 


Paul  Mockapetris,  Father  of  DNS,  invented  1983 
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How  big  boys  boost  cellular  signals 

i 


Mark  Gibbs 


first  wrote  about  my  lousy  cell  phone  service 
signal  quality  last  month  and  how  an  add-on 
antenna  had  improved  life  for  me. 

/!/'  A  cunning  PR  person  subsequently  got  in 
touch  and  hooked  me  up  with  the  big  boy’s  way 
GEARHEAD  of  improving  cell  phone  reception:  The  zBoost 
made  by  Wi-Ex. 

The  Wi-Ex  products  are  not  femtocells,  which 
use  some  kind  of  back-haul,  usually  wired,  and 
act  as  cellular  service  access  points  in  their  own  right.  In  contrast,  Wi-Ex 
products  are  smart  repeaters  that  relay  the  cellular  signals  using  some 
secret  sauce  voodoo  technology  that  “handles  all  PCS  or  CEL  protocols 
and  includes  multiple  patent-pending  technologies  to  provide  low-cost 
coverage  while  continually  adapting  to  signals  to  prevent  interference 
and  remain  transparent  to  the  wireless  network.” 

After  considering  whether  I  wanted  to  test  these  products  for,  oh, 
maybe  a  heartbeat,  I  said  “yes”  and  a  few  days  later  received  a  zBoost 
YX510-PCS-CEL  ($399),  a  dual-band  repeater  for  both  800MHz  (CEL) 
and  1900MHz  (PCS)  devices. Wi-Ex  also  make  single-band  variants  that 
are  $100  less,  but  in  a  business  setting  you’d  be  advised  to  buy  the  dual¬ 
band  model  as  there  will  most  likely  be  multiple  cell  phone  service 
providers  in  your  area;  at  WirelessAdvisor.com  you  can  find  out  which 
carriers  in  your  area  provide  what  services  in  which  bands. 

The  dual-band  product  supports  cellular  networks  that  use  CDMA, 
GSM,TDMA,  GPRS,  EDGE,  lxRTT,EVDO  and  HSDPA.  Apparently  the  only 
cellular  service  not  supported  is  the  iDEN  service  from  Nextel. 

So,  installing  a  zBoost  system:  In  the  box  is  a  “signal  antenna”  (a  14 
inch  long,  one  inch  diameter  cylinder  with  a  BNC  connector  at  one 
end),  antenna  mounting  hardware,  50  feet  of  75  ohm  RG-6  coax,  a  wall 
wart  and  a  zBoost  base  unit  with  mounting  bracket. 


Setup  isn’t  difficult  but  you  have  to  observe  a  few  requirements:  First, 
the  signal  antenna  has  to  be  mounted  as  high  as  possible  —  outside  or 
in  an  attic  is  best,  outside  of  a  window  is  good,  and  indoors  on  the  side 
of  a  room  nearest  to  the  local  cell  tower  is  the  least  preferred.  Second, 
the  signal  antenna  should  be  at  least  3  feet  from  any  metalwork,  pipes, 
air  conditioners  and  so  on. 

Next,  the  base  unit  should  be  located  at  least  15  feet  vertically  from 
the  signal  antenna  and  finally  you  are  supposed  to  locate  the  base  unit 
in  the  middle  of  the  space  to  be  serviced  or  on  an  outside  wall  at  about 
4  feet  from  the  floor  and  at  least  2  feet  from  power  cords. 

1  attached  the  antenna  to  the  top  of  the  metal  mast  that  supports  my 
weather  station  so  that  I  could  get  as  much  height  as  possible.  1  then  ran 
the  coax  down  into  the  room  below  through  an  attic  vent  and  plugged 
it  into  the  base  unit  (you  can  add  another  20  feet  of  coax  if  needed). 
Finally  I  powered  up  the  base  unit,  which  then  indicated  by  flashing 
lights  that  the  signal  quality  was  good  and  that  there  weren’t  any  instal¬ 
lation  problems.  Pretty  easy 

Despite  the  proximity  of  metalwork  to  the  signal  antenna  I  got  a  great 
signal  and  saw  the  bars  on  my  cell  phone  —  aT-Mobile  G1  (the  famed 
Google-phone),  which  1  will  review  in  a  couple  of  weeks  —  jump  from 
a  fluctuating  two  to  a  solid  four!  That  means  that  the  signal  strength 
went  from  -103dBm  to  -63dBm  . .  .WOOt! 

The  zBoost  can  cover  an  area  of  2,500  square  feet  (a  circle  with  a 
radius  of  roughly  28.5  feet)  and  W-Ex  offers  optional  upgraded  outdoor 
and  indoor  antennas  that  can  boost  the  coverage  to  10,000  square  feet. 

This  is  a  terrific  solution  for  locations  or  building  where  cellular 
reception  is  poor  because  of  obstructions  or  terrain.  Highly  recom¬ 
mended,  and  the  zBoost  YX510-PCS-CEL  gets  a  5  out  of  5. 

Gibbs  is  very  receptive  in  Ventura,  Calif.,  at  gearhead@gibbs.com. 


BlackBerry  Bold  hits  speed  bumps 


COOL 


The  scoop:  BlackBerry  Bold  9000  with  AT&T 
service,  by  Research  in  Motion,  about  $300 
(after  $100  rebate,  with  two-year  agreement, 
plus  service). 

What  it  is:  The  Bold,  which  has  been  available 
in  other  countries  for  a  while,  finally  comes  to 
the  United  States  through  an  exclusive  arrange 
ment  with  AT&T.  The  smartphone  is 
the  first  BlackBerry  device  to  sup¬ 
port  HSDPA  high-speed  wireless  networks,  bringing  a 
level  of  faster  data  downloads  to  U.S.  BlackBerry  own¬ 
ers. 

A  624MHz  processor  runs  the  Bold,  and  it  includes 
128MB  of  flash  memory  1GB  of  internal  memory,  with 
support  for  more  storage  via  a  built-in  microSD/SDHC 
memory  card  slot  (and  it’s  sideloaded,  not  stuck 
behind  the  battery  case  —  woo-hoo!).The  device  also 
includes  802.1  la/b/g  wireless  connectivity  as  well  as 
Bluetooth  (including  the  stereo  headset  profile). 

Other  features  include  a  built-in  GPS,  a  2-megapixel 
digital  camera  (with  5x  digital  zoom,  flash  and  video 
recording  functions),  voice-activated  dialing  and  a 
media  player.  An  HTML  browser  aims  to  provide  a 
“desktop  style”  of  Web  page  viewing,  with  the  ability 
to  use  the  BlackBerry’s  trackball  like  a  mouse. 

Why  it’s  cool:  The  redesigned  interface  is  very 
easy  to  use,  as  the  icons  are  easier  to  understand 
and  access  than  with  previous  BlackBerry  models. 

The  basic  business  features  worked  well  and  were 
easy  to  access.  I  was  more  impressed  with  the  per¬ 
sonal  applications  added  to  the  Bold,  including  the 
music  player,  digital  camera  and  video  player.  The 


RIM’s 
BlackBerry 
Bold  9000 


bright  and  colorful  screen  and  dual  stereo  speakers  made  videos  enjoy¬ 
able  to  watch,  and  music  enjoyable  to  listen  to  (the  included  Media 
Synch  application  made  it  easy  to  transfer  music  to  the  device).  I’m 
even  impressed  by  the  leather  back  of  the  Bold,  which  gives  an  execu¬ 
tive  feel  to  it  (although  you’ll  probably  want  to  protect  the  front  of  the 
device  with  a  case). 

Some  caveats:  Despite  the  claims  of  a  “faster  network”  for  the  Bold,  my 
Internet  speed  tests  on  the  browser  showed  an  average  download 
speed  of  31 1Kbps.  As  a  comparison,  an  iPhone  on  the  same  AT&T  3G 
network  averaged  774Kbps  of  download  speed.  Moving  to  Wi¬ 
Fi,  the  iPhone  achieved  an  average  of  1.14Mbps  (via  my 
home  broadband).  At  first,  the  browser  wasn’t  even  sup¬ 
porting  Wi-Fi,  until  1  switched  the  setting  to  the  “Hotspot 
browser’’  which  allows  Wi-Fi  network  access  to  the 
Internet  without  having  to  go  through  the  BlackBerry 
Internet  Service  or  a  BlackBerry  Enterprise  Server  (a  nod 
to  IT  for  security  issues). Switching  to  the  Hotspot  Browser 
didn’t  really  help  much,  as  the  Wi-Fi  connectivity  only  pro¬ 
duced  an  average  bandwidth  of  255Kbps.  I’m  sure  there 
are  some  good  reasons  for  the  dual  browser  configura¬ 
tions,  but  it  adds  to  confusion,  something  users  might  not 
even  investigate.  The  Bold  may  be  accessing  the  fast  lane, 
but  its  browser  is  being  lapped  by  the  iPhone. 

Bottom  line:  This  is  a  nice  step  forward  for  RIM  and  the 
BlackBerry  line  —  most  business  users  should  be  happy 
with  this  device  (unless  they  really  want  fast  Wi-Fi  browser 
speeds). 

Grade:  ★★★★(out  of  five). 

Shaw  can  be  reached  at  kshaw@nww.com.  Cool  Tools 
videos  and  Twisted  Pair  podcast  can  be  seen/ heard  weekly  at 
www.  networkworld.  com. 
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Report  network  wide  without  sacrificing  granularity  with  the  Network  Instruments®  Observer  Reporting 
Server.  Report  by  department  or  function  to  see  how  problems  impact  your  business.  Plan  better  with 
custom  reports  and  trending.  Drill  into  individual  links  or  user  data  and  interface  flawlessly  with  Observer® 
and  GigaStor™  for  rapid  resolution  and  back-in-time  analysis.  Enterprise-wide  reporting  with  drill-down 
detail— now  you  can  have  it  both  ways. 
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CLEAR  CHOICE  TEST  WLAN 


MANAGEMENT 


Client-side  Wi-Fi  discovery  tools 
aid  in  WLAN  management  tasks 

PassMark’s  WirelessMon  provides  IT  best  window  into  client  connections 


BY  C.J.  MATHIAS,  NETWORK  WORLD  LAB  ALLIANCE 

i-Fi  discovery  and  connection  tools  have  existed  since  the 
early  days  of  802.11.  While  many  have  their  roots  in  such 
hacker  tools  as  AirCrack.WEPCrack,  AirSnort,  CoWPatty,  and 
AirSnarf,  which  were  all  developed  to  exploit  the  fundamen¬ 
tal  weakness  in  Wired  Equivalent  Privacy,  these  tools  now  legitimately 
embody  the  client-side  user-interface  elements  that  help  establish 
essentially  every  wireless  LAN  link. 

Today’s  commercial  and  open  source  discovery  and  connection 
tools  —  as  shown  in  this  Clear  Choice  test  of  nine  software  packages, 
the  second  in  our  series  of  tests  homing  in  on  the  various  layers  of 
WLAN  management  wares  —  range  in  function  from  the  very  basic 
(Microsoft’s  Wireless  Zero  Configuration  [WZC]  approach)  to  robust 
enough  to  enable  diagnostic  use  throughout  in  the  enterprise  (such 
as  PassMark’s  WirelessMon  and  Sandy  Road’s  WiFi  Hopper,  our  Clear 
Choice  winner  and  runner-up,  respectively). 

A  good  connection  manager  can  complement  the  functions  of  a  cen¬ 
tralized  WLAN  management  console,  providing  a  view  of  clients’  radio 
and  network  parameters  not  readily  available  from  most  enterprise- 
class  WLAN  management  products.  A  network  operations  person 
would  tap  into  the  client  (possibly  over  a  remote-control  or  similar  con¬ 
nection)  to  apply  the  data  gathered  by  the  connection  manager  to  the 
wider  WLAN-management  picture.  On  the  lower  end,  a  smaller  organi¬ 
zation  lacking  a  centralized  management  console  could  use  one  of  the 
more  feature-rich  tools  for  many  WLAN  troubleshooting  activities. 

The  simple  case 

While  many  Wi-Fi  users  rely  on  the  Microsoft’s  WZC  tool,  along  with  the 
Wireless  Auto-Configuration  service  in  Microsoft’s  servers  and  WLAN 
AutoConfig  in  Vista,  these  are  inadequate  for  all  but  the  most  basic  dis¬ 
covery  and  connection  functions. 


WZC  provides  only  very  basic  features,  little  more  than  a  list  of 
potential  connections  for  a  user  to  choose  from,  and  the  ability  to 
enter  and  save  security-key  data.  Because  this  capability  is  so  lim¬ 
ited,  we  suggest  that  most  users  at  least  opt  for  the  connection  man¬ 
ager  included  with  the  Wi-Fi  adapter-driver  combination  shipped 
with  their  mobile  computer.  These  tools  (often  touted  as  competi¬ 
tive  differentiators  by  WLAN  adapter  vendors)  provide  quicker 
connection  times  and  often  report  more  detailed  information  on 
available  networks  (often  including  connection  performance  sta¬ 
tistics)  than  is  available  in  WZC. 

A  good  example  of  this  class  of  product  is  the  Intel  ProSet/Wireless 
connection  manager  that  comes  with  the  Intel  Pro/Wireless  2915ABG 
wireless  adapter  built  into  the  Dell  710m  notebook  running  XP  SP2  we 
used  for  most  of  our  testing  (see  “How  we  did  it,”  www.nwdoc 
finder.com/7521).  In  addition  to  its  simple  user  interface  and  its  abili¬ 
ty  to  list  and  enable  client  connections  for  networks  within  range,  this 
tool  reports  a  wealth  of  connection  information,  including  detailed 
802.11  protocol  data  and  statistics  (including  bytes  transferred  by 
individual  802.11  connection  rates),  Received  Signal  Strength 
Indication  (RSSI), roaming  events, and  even  such  low-level  802.1 1  pro¬ 
tocol  details  as  beacon  frames  seen,  which  are  used  to  advertise  the 
availability  of  a  given  WLAN. 

The  Intel  tool  also  enables  quick  access  to  control-panel  settings 
and  related  driver  information  for  the  adapter,  includes  a  built-in 
troubleshooter  and  a  detailed  event  log,  and  has  the  option  of  pass¬ 
word-protected  administrative  (as  opposed  to  user)  control  over  Wi¬ 
Fi  settings  so  that  administrators  can  lock  down  clients  settings.  In 
short,  these  features  in  a  discovery  tool  and  connection  manager  are 
all  most  users  (and  enterprise  network  managers)  would  need  to 
access  Wi-Fi  networks  in  any  form  (including  hot-spot  and  public- 
access  networks)  and  troubleshoot  connection-related  problems 


NETRESULTS 


: 


T-Mobile 


Product 

WirelessMon 

Wi-Fi  Hopper 

Intel 

ProSet/Wireless 

Connection 

Manager 

inSSIDer 

Vendor 

PassMark 

www.passmark.com 

Sandy  Roads 
wifihopper.com 

Intel 

www.intel.com 

T-Mobile 

www.t-mobile.com 

MetaGeek 

www.metageek.net 

Price 

$24  (standard); 

$49  (professional). 

$35  (single  user); 

$18  (academic). 

Included  with 
adapter. 

Free 

Free,  open  source. 

Pros 

Feature-rich,  easy  to 
use. 

Feature-rich;  easy  to 
use. 

Lots  of  features, 
free. 

Good  basic  features, 
access  to  T-Mobile 
account  information. 

Simple  to  use, 
shows  running  RSSI 
performance  over 
time. 

Cons 

Features  may  vary 
with  adapters 

Not  as  robust  as 
WirelessMon. 

Specific  to  Intel 
adapters. 

Not  useful  as  a  diag¬ 
nostic  tool. 

Monitor  only;  not  for 
connecting. 
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5.0 

4.6 

4.5 

4.2 

4.0 
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(see  “Tools  that  help  find  hot  spots,”  page  44).  We 
used  the  ProSet/Wireless  tool  as  a  general  reference 
for  accuracy  and  functions  in  the  subsequent  testing 
of  other  products.  It  certainly  held  its  own  against 
other  products;  only  WirelessMon  and  WiFi  Hopper 
topped  its  scores. 

Getting  deeper 

If  you’re  looking  for  more  detail  than  typically  sup¬ 
plied  by  a  wireless  adapter  vendor,  there  are  a  number 
of  third-party  discovery  and  connection-manager 
products  on  the  market  that  can  help.  We  selected 
eight  additional  products  beyond  the  Microsoft  and 
Intel  options  already  discussed,  all  of  which  are  read¬ 
ily  available  on  the  Web;  and  put  them  through  their 
paces,  rating  each  on  ease  of  installation,  ease  of  use, 
range  of  functions  and  documentation. 

Note  that  over  the  years  there  have  been  dozens  of 
Wi-Fi  discovery  tools  developed  and  posted  on  the 
Web.  Most  of  these  were  designed  to  work  with  a  lim¬ 
ited  range  of  client  cards  (with  many  stuck  at 
802.1  lb),  and  are  thus  obsolete  today  For  our  testing, 
we  reviewed  the  status  of  products  wed  examined  in 
the  past  and  ruled  out  those  that  hadn’t  been  updat¬ 
ed  within  the  past  year.  Except  for  two  (not  surprising¬ 
ly,  the  leaders),  all  the  tools  we  tested  were  free,  and  a 
few  were  even  open  source. 


PassMark’s  WirelessMon  connection  manager  earned  top  marks  in  this 
test  because  of  the  sheer  amount  of  data  it  provides  to  the  user  and  the 
WLAN  management  staff  about  pertinent  WLAN  client  connections. 


Third-party  discovery  tools 

At  the  top  of  our  list  of  products  tested  is  PassMark’s  WirelessMon, 
which  isn’t  free,  but  it  is  inexpensive  and  a  great  value.  The  standard 
version  we  tested  is  $24  (a  30-day  evaluation  copy  is  free); and  the  pro¬ 
fessional  version,  which  includes  GPS  tracking  (obtained  via  an  exter¬ 
nal  third-party  adapter)  and  the  ability  to  create  a  signal-strength  map 
that  uses  this,  is  $49. 

WirelessMon  is  loaded.  A  summary  tab  provides  information  typical 
of  other  connection  managers  with  respect  to  available  Service  Set 
Identifiers  (SSID).Also  included  are  a  detailed  statistical  analysis  by 
frame  type,  real-time  signal-strength  and  throughput  graphs,  IP  statis¬ 
tics,  and  everything  that  might  be  required  for  performance  analysis 
and  troubleshooting.  Overall,  the  standard  version  should  provide 
most  of  what  enterprise  users  need,  and  it’s  worth  the  small  investment 
for  those  seeking  detailed  status  and  diagnostic  information. This  tool 


might  be  overkill  for  users  who  can  get  by  with  a  simpler  connection 
manager,  but  those  chartered  with  support  functions  will  want  to  take 
a  look  at  this  excellent  product. 

Also  near  the  top  of  our  list  is  WiFi  Hopper  from  Canadian  firm 
Sandy  Road.  This  is  a  robust  application  that  actively  scans  for  Wi-Fi 
networks.  It  allows  network  filtering  by  type  of  802. 1 1  PHY,  operational 
mode  (infrastructure  or  ad  hoc), security  mode,  and  channel.  Its  use¬ 
ful  signal-strength  graph  shows  a  snapshot  over  time,  and  it  has  a  very 
complete  list  of  device  details,  IP  information,  traffic  counters  and  sup¬ 
port  for  an  external  GPS  adapter,  although  only  on  a  serial  port.  A 
broad  range  of  configuration  and  customization  options  are  included, 
as  is  a  useful  manual  in  HTML  format.  The  product  requires  registra¬ 
tion  and  payment  ($35  per  user;  $18  for  academic  users)  beyond  an 
initial  15-day  trial  period. 

Xirrus  Wi-Fi  Tools  is  free  and  is  implemented  as  a  Yahoo  Widget.  The 


AirGrab  Wi-Fi  Wireless  Zero 
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Yahoo  Widget  support  application  also  re¬ 
quired  is  available  as  a  free  download,  and 
Microsoft  .Net  2.0  must  be  installed  to  operate 
it  effectively.  When  running,  the  Xirrus  Tools 
Widget  shows  relative  signal  strength  on  a 
polar-coordinates  scale  that  depicts  apparent 
distance  between  access  points;  this  feature  is 
useful  in  locating  an  access  point  physically, 
whether  the  client  is  connected  to  it  or  not. 

The  documentation,  in  the  form  of  a  PDF  file 
and  a  glossary  is  concise  enough  to  explain 
operations  adequately. 

This  application  might  be  a  little  cute  for 
some  users,  but  regardless  is  much  better 
than  WZC.  Its  implementation  as  a  widget, 
unique  among  products  tested  here,  will 
appeal  to  many  —  not  to  mention  the  plus  of 
being  available  on  Macs  (also  as  a  Yahoo 
Widget)  and  some  Linux  distributions  as  well. 

InSSIDer  from  MetaGeek,  the  company  that 
builds  the  Wi-Spy  spectrum  analyzer  we’ll 
review  in  an  upcoming  article,  is  free  and 
open  source.  Functions  are  limited  to  detect¬ 
ing  access  points  within  range;  listing  the 
usual  information  (channel,  RSS1,  security 
connection  speed)  plus  first-  and  last-seen 
time  stamps;  and  producing  a  running  graph 
of  RSSI  by  SSID  using  colored  traces  corre¬ 
sponding  to  an  individual  access  point.  InSSIDer  is  simple  and  useful 
in  evaluating  signal  quality  for  roaming  clients. 

If  you  have  a  Mac 

The  Macintosh  is  often  shortchanged  (OK,  ignored)  by  Wi-Fi  devel¬ 
opers  because  all  Macs  have  integral  Wi-Fi  support  and  only  the  Mac 
Mini  lacks  an  802.1  In  adapter. The  Mac’s  own  simple  discovery/con¬ 
nection  applet  shows  available  networks  and  signal  strength,  and 
enables  making  connections,  but  it  offers  even  less  information  than 
WZC.  However,  there  are  a  few  open  source  discovery  tools  available 
for  the  Mac,  and  we  tried  three  of  them  on  a  2.8GHz  iMac  running 
MacOS  10.4  and  Apple’s  standard  Wi-Fi  adapter,  which  is  based  on  a 
Broadcom  a/b/g/n  chipset. 

First  up  was  KisMac,a  fairly  simple  discovery  tool  that  supports  both 


active  (probe-based)  and  passive  scanning, 
and  will  examine  multiple  channels  (via  hop¬ 
ping)  if  the  driver  in  use  supports  this  func¬ 
tion.  The  latest  version  (0.21a)  runs  only  on 
MacOS  10.5.1  or  later,  so  we  had  to  use  this 
version  of  the  operating  system  for  this  test,  but 
on  the  same  hardware.  In  addition  to  the  usual 
channel,  SSID,  Basic  SSID,  security  (encryp¬ 
tion),  network  type  and  vendor,  KisMac  can 
show  signal-to-noise  ratio  information,  and 
packet  and  data  counts  when  in  passive 
mode.  Filtering  is  enabled  by  a  variety  of  the 
above  fields,  and  activity  dumps  can  be  writ¬ 
ten  to  pcap  (packet-capture)  files.  Overall,  this 
is  a  much  better  tool  than  Apple’s  default  func¬ 
tionality  but  still  reflects  its  hacker  heritage. 

iStumbler  is  more  user-friendly  than  KisMac. 
It  fires  right  up  with  no  driver  selection,  and 
immediately  begins  probing  for  networks.  It 
also  displays  signal  strength  for  a  selected 
SSID,  signal  and  noise  levels  (as  percentages), 
and  channel  as  a  frequency.  For  our  802.11a 
(5GHz)  access  point,  however,  the  frequency 
was  reported  as  -1 ,  with  a  corresponding  chan¬ 
nel  of  0.  It  also  was  unable  to  identify  the  ven¬ 
dors  of  two  of  our  four  test  access  points,  and 
called  infrastructure  access  points  “managed,” 
a  little  confusing.This  application  was  the  best 
of  the  open  source  Mac  bunch,  but  still  isn’t  ready  for  prime  time. 

Finally  we  found  AirGrab  WiFi  Radar  to  be  a  fairly  basic  application 
that  displays  both  signal  and  noise  levels  (in  decibels  per  milliwatt), 
but  otherwise  is  not  that  interesting  to  enterprise  managers.  It  dis¬ 
played  a  “can’t  flush  file  descriptor”  error  on  a  regular  basis,  and 
reported  incorrect  security  levels. The  Web  page  notes  the  availability 
of  Version  0.8,  but  what  you  get  in  the  download  is  Version  0.7. 

See  WLAN  management,  page  44 
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The  Intel  ProSet/Wireless  connection 
manager  that  is  delivered  as  part  of 
Intel’s  Pro/Wireless  2915ABG  wireless 
adapter  garnered  high  marks  for  the 
amount  of  connection  data  it  shows 
its  users. 


SCORECARD 


Action 

Product 

Ease  of  use 

Weighting 

40% 

PassMark 

WireiessMon 

5.0 

Sandy  Roads 

WiFi  Hopper 

5.0 

Intel 

Intel  ProSet/Wireless 

5.0 

T-Mobile 

Connection  Manager 

5.0 

Metageek 

inSSIDer 

5.0 

Xirrus 

Xirrus  Wi-Fi  Tools 

5.0 

Alt  Watt 

iStumbler* 

4.0 

Geordie  Millar 

KisMac* 

3.5 

AirGrab 

AirGrab  WiFi  Radar* 

3.0 

Microsoft 

Wireless  Zero 
Configuration 

4.0 

Scoring  key:  5:  Exceptional;  4:  Very  good;  3:  Average;  2:  Below  average;  1:  Subpar  or 

*Runs  on  a  Mac 


Functions 

Installation 

Documentation 

Total 

40% 

10% 

10% 

5.0 

5.0 

5.0 

5.0 

4.50 

4.0 

4.0 

4.6 

4.0 

5.0 

4.0 

4.5 

3.0 

5.0 

5.0 

4.2 

3.0 

4.0 

4.0 

4.0 

3.0 

5.0 

4.0 

3.9 

3.0 

5.0 

3.0 

3.6 

3.0 

5.0 

2.0 

3.3 

2.0 

5.0 

3.0 

2.8 

1.0 

3.0 

1.0 

2.4 

not  available. 
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With  the  world’s  data  growing  dramatically,  IBM  storage  virtualization  solutions 
can  help  you  gain  control  in  a  responsible,  energy-efficient  way.  The  IBM 
System  Storage"'  SAN  Volume  Controller  can  reduce  storage  growth  by  up  to 
20%  and  boost  utilization  by  as  much  as  30%.  And  combined  with  IBM  tape 
solutions,  some  companies  have  reduced  their  TCO  by  as  much  as  50%:  A 
greener  world  starts  with  greener  business.  Greener  business  starts  with  IBM. 
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continued  from  page  42 

Conclusion:  It  still  needs  work.  Our  advice  is  to  stick  with  the  Mac  ver¬ 
sion  of  Xirrus  Wi-Fi  Tools,  which  has  a  feature  set  identical  to  that  of 
the  Windows  version. 

Linux  tools 

Increasingly,  many  Linux  distributions  are  being  shipped  with  Wi-Fi 
discovery  clients  that  are  easy  to  use,  albeit  modest  in  function.  For 
example,  the  Xandros-based  Asus  Eee  701,  which  we  regularly  use  but 
did  not  formally  test,  has  a  connection  manager  that  shows  available 
networks,  details  on  the  connected  network  and  properties  of  the 
wireless  adapter  installed. 

We  didn’t  test  any  third-party  Wi-Fi  discovery  tools  and  connection 
managers  for  Linux  because  we  couldn’t  find  any  precompiled  tools 
for  the  platforms  we  have  in  our  lab. 

There  are,  however,  a  number  of  open  source  packages  available, 
including  WiFiZoo  (written  in  Python  but  requiring  the  scapy  packet- 
manipulation  program), PrismStumbler, Kismet  (which  we’ll  review  on 
Windows  XP  in  an  upcoming  article  on  Wi-Fi  traffic  analyzers),  and 
NetworkManager.  Most  of  these  come  from  the  hacker  domain,  so 
expect  features  that  scan  for  “interesting”  data,  such  as  passwords.  If 
you  want  to  build  your  own  tool,  these  might  be  a  good  place  to  start. 

And  the  winner  is . . . 

If  the  point  of  tying  these  types  of  tools  into  your  WLAN  manage¬ 
ment  scheme  is  to  gain  more  information  about  your  existing  and 
future  wireless  client  connections,  Passmark’sWirelessMon  is  the  clear 
winner.  It’s  not  free,  but  its  features,  quality  and  usability  really  would 
show  well  in  an  enterprise  environment.  We  have  added  a  copy  of  this 
product  to  our  arsenal  here  at  Farpoint  Group,  to  be  used  for  debug¬ 
ging  and  analyzing  connectivity  problems. 

WiFi  Hopper  might  be  a  good  runner-up  if  the  outfit  behind  it  contin¬ 
ues  to  keep  it  current.  The  other  PC  tools  tested  are  fine  for  basic  dis¬ 


covery  and  connectivity  but  may  add  less  value  than  the  console  that 
comes  with  your  computer’s  Wi-Fi  adapter  (which,  again,  is  the  place  to 
start)  and  probably  won’t  be  very  interesting  to  enterprise  network  man¬ 
agers.  We  were  uniformly  disappointed  in  the  quality  of  the  Mac  tools, 
apart  from  what  the  cross-platform  Xirrus  Wi-Fi  Tools  can  offer  in  their 
widget  bundle,  but  will  continue  to  monitor  these  for  improvements. 

Regardless,  none  of  these  tools  is  complete  in  and  of  itself  for  enter¬ 
prise  wireless-network  management.  It  would  be  great  to  see  some  infra- 
structure-side  functions  integrated  with  them  to  examine,  for  example, 
signal  strength  or  import  location-and-tracking  and  other  statistics. 
Cisco’s  proprietary  Cisco  Compatibility  Extensions  move  in  this  direc¬ 
tion,  but  they  are  neither  discovery  tools  nor  connection  managers. 

We  expect  the  availability  of  products  incorporating  features  speci¬ 
fied  in  the  recently  issued  802.1  lk  Radio  Resource  Measurement  and 
the  still-under-development  802.1  lv  Wireless  Network  Management 
standards  also  will  help  in  the  stability  and  overall  functioning  and 
flexibility  of  future  network-discovery  tools.There  are  some  functional 
and  useful  discovery  and  connection  applications  today  but  the 
world  of  client-side  tools  remains  an  area  that’s  ripe  for  innovation. 

Mathias  is  a  principal  with  Farpoint  Group,  an  advisory  firm  special¬ 
izing  in  wireless  networking  and  mobile  communications. He  also  is  a 
regular  columnist  for  two  publications  including  Computerworld;  and 
his  Nearpoints  blog  resides  at  Network  World.  He  can  be  reached  at 
craig@farpointgroup.  com. 


■  Mathias  is  a  member  of  the  Network  World  Lab  Alliance,  a 
cooperative  of  the  premier  testers  in  the  network  industry,  each 
bringing  to  bear  years  of  practical  experience  on  every  test.  For 
more  Lab  Alliance  information,  including  what  it  takes  to  become 
a  partner,  go  to  www.networkworld.com/alliance. 
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Tools  that  help  find  hot  spots 


Any  Wi-Fi  discovery  tool  can  find  a  hot 
spot,  but  some  network  operators 
also  provide  connection  managers  for 
their  Wi-Fi  services,  mainly  to  integrate 
account  information  easily  on  both  ends  of 
the  link. 

A  good  example  is  Wi-Fi  aggregator 
Boingo  Wireless.  We  installed  its  Go- 
Boingo  client  on  ourWindows  XP 
machine.  Operating  this  application  is  a 
bit  counterintuitive  —  it  wakes  up  when 
near  a  Boingo  hot  spot,  but  otherwise 
remains  invisible.  So,  while  GoBoingo  is 
frequently  listed  as  a  discovery  tool,  it  isn’t 
really  —  it's  just  a  way  to  connect  to 
Boingo,  and  only  Boingo,  and  subsequently 
manage  your  Boingo  account. 

We  also  testedT-Mobile’s  HotSpot 
Connection  Manager  1.8  (which  is  avail¬ 
able  on  an  OEM  basis  from  PCTel),  a  fun¬ 
damentally  consumer-oriented  tool  that 
unsurprisingly  allows  the  selection  of  a 
skin  during  installation.  Upon  start-up,  it 


rapidly  produced  a  list  of  potentially  con¬ 
flicting  applications  (such  as  the  Intel 
ProSet/Wireless  client  we  normally  use), 
disabled  them  (with  our  permission)  and 
subsequently  fired  itself  up. 

Selecting  the  “networks"  button  brought 
up  the  usual  information  such  as  Service 
Set  Identifier,  icons  for  ad-hoc  and  infra¬ 
structure-mode  availability,  Basic  SSID 
(media-access-control  address),  radio , 
details  on  encryption,  and  a  bar  graph 
depicting  signal  strength.  While  slower 
than  our  Intel  manager, T- Mobile's  tool  is 
very  usable  and  suitable  even  for  those 
who  do  not  regularly  useT-Mobile's  hot 
spot  service. 

We  should  point  out  that  neither  the 
Boingo  nor  the T- Mobile  services  require  a 
connection  manager,  but  the  whole  point 
of  these,  apart  from  discovery,  is  to  make 
network  access  simple,  especially  for  the 
less  than  technically  literate. 

Interestingly,  some  wireless  WAN  oper¬ 


ators  also  provide  discovery  and  connec¬ 
tion-management  tools  that  are  occasion¬ 
ally  configured  to  support  Wi-Fi.  For  exam¬ 
ple,  Smith  Micro  Software,  whose  Quick- 
Link  Mobile  application  is  used  by  a  num¬ 
ber  of  carriers,  is  sometimes  made  avail¬ 
able  with  basic  WLAN  connectivity. 

The  product,  however,  is  sold  only  on 
an  OEM  basis,  and  the  version  we  fre¬ 
quently  use  at  Farpoint  Group  — Verizon 
Wireless'  VZ  Access  Manager  6.7.3  — 
has  no  WLAN  capability.  InWWAN 
mode  (Verizon’s  BroadbandAccess,  in 
our  case),  however,  it  functions  in  much 
the  same  way  as  a  WLAN  connection 
manager,  discovering  networks,  letting 
users  choose  their  connection,  setting 
up  links  and  gathering  statistics.  Simi¬ 
larly, T-Mobile’s  manager  is  configured 
to  enable  the  setup  ofT-Mobile  GPRS 
and  EDGE  connections. 

—  C.J.  MATHIAS,  NETWORK  WORLD 
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Today,  datacenters  eat  up  to  30  times  more  energy  per  square  foot  than  a 
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Lotus 

continued  from  page  1 

because  we  have  been  preparing,”  Picciano 
says,  acknowledging  Lotus’  efforts  back  to  the 
days  when  groupware  was  king. 

First  up  is  delivering  just  ahead  of  Lotusphere 
the  8.5  version  of  Notes  and  its  new  compres¬ 
sion  technology  Notes  ID  file  management, 
developer  tools  and  integration  with  Lotus 
Connections  social-networking  software. 

Picciano  will  highlight  the  importance  of  the 
Notes  8  portal  client,  built  on  top  of  Lotus  Ex¬ 
peditor  and  Eclipse,  which  provides  the  inter¬ 
face  for  Web-based  services,  mashups  and 
applications  such  as  Sametime  and  Quickr. 

Also  on  tap  for  2009  is  a  new  version  of  Same¬ 
time  (instant  messaging/Web  conferencing) 
that  uses  Web  2.0  interfaces  to  expose  UC  ser¬ 
vices. 

Lotus  also  plans  to  flesh  out  Lotus  Con¬ 
nections  2.0  and  Lotus  Mashups,  an  IT  tool  for 
combining  widgets  into  applications. 
Picciano  also  says  he  will  show  off  XPages,  a 
feature  of  Domino  Designer  that  ships  with  8.5 
and  will  change  the  way  Notes  applications 
are  built  and  will  usher  them  into  the  Web  2.0 
era.  In  addition,  XPages  will  help  developers 
convert  existing  applications  to  the  Web  2.0 
model. 

He  will  need  all  those  weapons  to  face  what 
is  likely  his  greatest  competitive  challenge  — 
Microsoft’s  Office  SharePoint  Server,  which  has 
become  a  billion-dollar  juggernaut,  a  develop¬ 
ment  platform  much  like  Notes  and  a  middle 
ware  destination  for  IT. 

A  Forrester  Research  report  published  this 
month  lines  up  Notes  against  SharePoint  and 
concludes  that  Microsoft  finally  has  a  develop¬ 
ment  platform  to  rival  Lotus. 

“Notes  has  this  basic  collaboration,  basic 
content  management,  this  application  devel¬ 
opment  environment  that  includes  a  user- 
accessible  application  environment,  and  those 
things  have  made  Notes  unique  for  some  time,” 
says  Forrester  analyst  Rob  Koplowitz,  who 
wrote  the  report.  “But  now  there  is  another 
player  in  town  with  SharePoint.” 

Some  experts  say  with  Quickr,  Connections 
and  Sametime,  Lotus  has  a  formidable  trio  of 
new  tools  to  go  along  with  old  gems  like  Notes 
replication  that  SharePoint  cannot  yet  match. 

“If  a  customer  says  they  don’t  want  Notes, 
IBM  can  still  come  in  and  say  this  trio  can  do 
things  that  are  market  leading,”  says  Peter 
O’Kelly  principal  analyst  for  O’Kelly  Consul- 
ting.“You  have  Web  2.0  and  Enterprise  2.0  kinds 
of  collaboration,  and  market-leading,  real-time 
communication  tools.  And  it  works  on 
Notes/Domino,  WebSphere,  Java,  DB2,  Oracle 
and  they  fit  with  Microsoft  tools  such  as  Ex¬ 
change.  And  another  advantage  is  that  it  works 
across  a  variety  of  platforms;  Linux,  Unix, 
Solaris, Windows.” 

Industry  experts  say  the  dramatic  adoption 
of  SharePoint  and  its  positioning  as  Microsoft’s 
collaboration  hub  could  lead  users  to  add 
other  Microsoft  software  such  as  Exchange 


Bob  Picciano 

Position:  General  Manager, 

IBM  Lotus  Software  Division 

Responsibilities:  Lead  Lotus 
into  the  Web/Enterprise  2.0  era  of  collaboration. 

He  is  also  a  member  of  IBM's  Integration  and 
Values  team  -  a  select  group  of  executives  who 
provide  guidance  across  IBM  on  various  business 
and  strategic  issues. 

Background:  Prior  to  Lotus,  Picciano  was  vice 
president,  worldwide  sales,  information  manage¬ 
ment,  software  group.  He  served  as  vice  president 
for  Data  Servers  where  he  was  responsible  for 
IBM's  database  portfolio  of  software  including  DB2. 
From  2001  to  2004,  Picciano  led  the  worldwide 
development  and  support  of  DB2  Linux,  Windows 
and  Unix  platforms  as  vice  president  of  Database 
Technology  from  IBM's  Toronto  software  develop¬ 
ment  lab  in  Markham,  Canada, 


and  Office  Communications  Server  at  the  ex¬ 
pense  of  Lotus. 

In  addition,  IBM  is  seeing  many  new  com¬ 
petitors,  including  Oracle  and  Cisco,  that  want 
a  piece  of  the  collaboration  and  social-net¬ 
working  pie. 

Microsoft  in  July  said  it  wants  to  get  Lotus 
customers  to  convert  5  million  seats  of  Notes  to 
Microsoft’s  collaboration  tools  between  July  1, 
2008  and  June  30, 2009. 

Picciano  doesn’t  see  that  happening. 

“We  are  leaving  others  like  Microsoft  in  the 
rear-view  mirror  because  they  are  more 
caught  up  in  protecting  franchises  and  not 
focused  on  liberating  workforces  and  get¬ 
ting  people  to  democratically  share  infor¬ 
mation  and  link  together  in  a  business  con¬ 
text,”  he  says.  “The  golden  egg  Microsoft  is 
laying  [with  SharePoint]  is  coming  from  the 


chicken  they  have,  which  is  a  monopoly 
desktop  environment.” 

Picciano  has  presided  over  a  number  of 
attacks  on  Microsoft. 

He  cites  the  coup  Lotus  scored  earlier  this 
year  at  the  Enterprise  2.0  Conference,  trumping 
SharePoint  by  many  analyst  accounts  with  the 
array  of  social-networking  tools  in 
Connections. 

In  May,  the  company  took  aim  directly  at 
SharePoint  by  releasing  Lotus  Quickr  Content 
Integrator,  a  tool  for  moving  content  in  mass 
to  Quickr  from  SharePoint  sites  and  Microsoft 
Exchange  folders,  as  well  as  IBM-based  repos¬ 
itories. 

In  September,  the  company  opened  the  IBM 
Center  for  Social  Software  in  Cambridge,  Mass., 
that  will  tap  IBM  staff,  clients,  partners,  students 
and  others  to  research,  develop  and  test  Web 
2.0  tools. 

And  in  October,  Lotus  introduced  a  hosted 
Notes  option,  which  begins  to  blend  its  soft¬ 
ware  with  online  services  much  like  Microsoft 
is  trying  to  do  under  the  guidance  of  Notes  cre¬ 
ator  and  now  Microsoft  chief  software  archi¬ 
tect  Ray  Ozzie. 

Lotus  also  is  adding  a  focus  on  small  and 
midsized  businesses  with  its  Bluehouse  online 
services  and  Foundation  appliances  for  col¬ 
laboration 

“We  think  this  is  a  massively  underserved 
environment,”  Picciano  says.  His  optimism  is 
fueled  by  the  fact  that  Lotus  has  recorded  16 
consecutive  quarters  of  revenue  growth, 
including  a  10%  increase  reported  in  October 
with  IBM’s  2008  fiscal  third-quarter  earnings. 

On  top  of  that,  the  company  says  a  yet-to-be- 
named  Asian  firm  is  adding  300,000  Notes 
seats  and  other  Lotus  software  in  2009  and  that 
its  “biggest  client  win  ever  in  North  America” 
will  bring  another  150,000  seats  including 
Notes,  Sametime,  Connections  and  Quickr.  Last 
month,  Global  Hyatt  committed  to  a  Notes  8 
infrastructure  including  UC  software. 

The  sales  speak  to  the  integration  possibili¬ 
ties  Picciano  is  trumpeting. 

He  says  he  will  tie  everything  together  for  the 
Lotus  customer  base  in  January® 
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With  energy  consumption  expected  to  double  in  five  years,  how  do  you  build 
and  manage  your  IT  to  reduce  costs?  Greener  software:  a  complete  range 
of  energy-efficient  software  to  optimize  your  infrastructure,  boost  business 


world  starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Get  our  green  strategy  whitepaper  at  ibm.com/green/software 
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How  Cisco  rules  in  network  security 


The  company  is  No.  1  worldwide  except  in  the  UnifiedThreat  Management  sector,  and  it's  pretty  darn  close  there. 


2007  firewall/VPN  hardware 
and  software  market: 

$2.6  billion 


2007  market  for  VPN 
hardware  and  software: 

$1.6  billion 


Other 

25.1% 


-Check  Point 
15.5% 

Juniper  14.1% 


Other 

55.6% 


Cisco  13.7% 


—  Nokia  7.9% 
Microsoft  6.6% 


SOURCE:  IDC 


— Juniper  7.1% 

»—  Nokia  6.9% 
SafeNet4.7% 
-  Microsoft  3.6% 
L—  Alcatel-Lucent 
3.5% 

F5  Networks  2.6% 
Check  Point  2.3% 


2007  market  for  intrusion 
detection  and  prevention 
hardware  and  software: 

$1.6  billion 


- IBM  10.9% 

—-McAfee  9.8% 
TippingPoint 

r - 8.1% 

Check  Point  3.7% 
-  Sourcefire  3.1% 
•Trend  Micro  2.7% 
-Enterasys  1.7% 


Juniper 

1.7% 


2007  market  for  UTM 
appliances:  $1.5  billion 
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S—  Fortinet  13.3% 
—  Cisco  10.3% 

- Juniper  9.2% 

||  - — Sonic  Wall  9.2% 
-Secure  Computing  8.1% 
- Check  Point  6.9% 


Cisco 

continued  from  page  1 

and  TippingPoint. 

NSS  Labs  will  publish  its  findings  about  fire¬ 
walls,  IPS  and  UTM  early  next  year,  but  Phatak 
says  he  has  concluded  that  there  are  perfor¬ 
mance  drawbacks  to  using  the  Cisco  security 
functions  in  routers  and  switches. 

“Using  IPS  in  your  router  can  turn  a  60G 
router  into  a  5G  one  or  even  a  100Mbps 
device,”  Phatak  says.  “There  are  performance 
bottlenecks.”  He  adds  that  sometimes  security 
functions  simply  can’t  keep  up  when  speeds 
are  high. 

But  Phatak  also  points  out  that  the  tests  of 
Ciscos  stand-alone  security  appliances  fared 
quite  well  against  its  rivals’  equipment  in  the 
NSS  Labs  environment,  which  included  simu¬ 
lation  of  perimeter,  internal  network  and  e- 
commerce.  “TippingPoint,  McAfee,  Juniper, 
Cisco  and  IBM  are  all  ‘Grade  A,’”  Phatak  says. 

Cisco  says  the  effectiveness  of  the  software- 
based  security  modules  in  routers  and  switch¬ 
es  depends  on  the  use  case,  and  it  helps  cus¬ 
tomers  work  out  any  problems  that  crop  up. 
Cisco  indicated  its  network  security  sales  are 
split  fairly  evenly  between  the  modules  and 
appliances.  And  there  are  no  plans  to  change 
the  integrated  security  services  strategy. 

“We’re  making  security  part  of  the  funda¬ 
mental  services  in  routing,  wireless  and 
switches,”  says  Bob  Gleichauf,  CTO  of  Cisco’s 
Security  Technology  Group  “Customers  should 
be  pushing  the  envelope  with  us.” 

Cisco’s  prominence  as  a  network  provider 
has  contributed  to  its  success  in  the  security 
market,  say  several  analysts,  a  statement  with 
which  Cisco  agrees. “We’re  an  end-to-end  ven¬ 
dor,”  Gleichauf  says.“If  customers  have  a  prob¬ 
lem,  we’ll  show  up.” 

Strategic  vendor  vs.  best-of-breed 

Cisco’s  prominence  in  security  reached  a 
turning  point  this  year,  according  to  an  annual 
survey  by  Nemertes  Research  of  security  pro¬ 
fessionals  at  about  80  companies  who  were 
asked  if  they  preferred  to  have  a  “strategic 


security  vendor”  or  “best-of-breed.” 

For  the  first  time  the  majority  indicated  that 
they  were  looking  to  have  a  strategic  vendor  in 
security  and  Cisco  was  the  first  choice  —  the 
second  being  Microsoft. 

“In  2007  and  2008,  a  shift  occurred  here,” says 
Andreas  Antonopoulos,  senior  vice  president 
at  Nemertes,  noting  the  annual  survey  in¬ 
cludes  in-depth  interviews  with  respondents. 
“Up  to  2008,  the  answer  to  the  security  vendor 
question  was  ‘best  of  breed.’” 

With  best-of-breed, though, you  might  end  up 
with  15  different  “point  solution”  vendors  for 
IPS,  antivirus  and  so  forth,  Antonopoulos  says. 
“Security  is  one  of  the  most  fragmented  indus¬ 
tries,”  he  says. 

Security  managers  today  aren’t  as  inclined  to 
go  through  the  laborious  process  of  evaluating 
best-of-breed  security  products,  Antonopoulos 
says.  In  greater  numbers  they’re  opting  for 
Cisco  largely  because  of  the  perception  that 
they  gain  operational  efficiencies. 

“Operationalizing  security  is  as  good  as  hav¬ 
ing  best-of-breed,”  Antonopoulos  says.  “Why 
Cisco?  Because  they  integrate  security  features 
on  top  of  the  network,  QoS  and  switching.” 

Though  not  all  observers  view  Cisco  as  both 
best-of-breed  and  strategic  in  security 

“Cisco  does  not  have  a  best-of-breed  securi¬ 
ty  product,” says  Richard  Stiennon, analyst  with 
consultancy  IT-Harvest.  “Cisco’s  weak  under¬ 
belly  is  their  lack  of  good  security  products. 
Best-of-breed  would  be  Fortinet  in  UTM  or 
TippingPoint  in  IPS.” 

Stiennon  says  Cisco’s  security  is  not  “inte¬ 
grated,  except  on  the  purchase  order,  because 
for  years  and  years  they  haven’t  delivered  on 
an  effective  central  management  platform  for 
the  enterprise.”  Customers  are  stuck  managing 
the  security  functions  from  different  consoles 
anyway  even  if  it’s  inside  the  switch  or  router, 
he  says. 

Some  security  managers  in  organizations 
with  large  Cisco  networks  are  searching  for 
the  middle  ground  and  are  open  to  using 
products  from  Cisco  or  the  pure-play  security 
vendors  competing  in  IPS,  UTM,  firewall/VPNs 
and  also  network  access  control  (NAC). 


James  Perry  is  executive  director  of  IT  secu¬ 
rity  and  information  security  officer  for  the 
University  of  Tennessee.  Cisco  routers  and 
switches  provide  the  university’s  network  foun¬ 
dation,  but  the  five  main  campuses  each  went 
its  own  way  in  choosing  a  network  security 
path.  A  variety  of  Check  Point,  Juniper, Tipping¬ 
Point,  Cisco  appliances  co-exist  on  the  Cisco 
router  and  switch  network,  and  logged  securi¬ 
ty  data  is  consolidated  through  an  ArcSight 
system. 

The  Knoxville  campus  a  few  years  ago  tried 
testing  the  Cisco  firewall  services  module 
when  it  was  still  new,  but  Perry  says  it  didn’t 
work  well  at  the  time  for  the  data  center, so  the 
university  decided  on  the  Juniper  NetScreen 
5400  instead. 

That’s  not  to  say  Perry  is  opposed  to  services 
modules  or  Cisco  security  gear,  and  other 
campuses  at  the  school  use  Cisco’s  multipur¬ 
pose  Adaptive  Security  Appliance,  which  com¬ 
bines  security  functions. 

“It  all  depends  on  the  goals  of  your  pro¬ 
ject,”  says  Perry,  who’s  starting  a  NAC  evalua¬ 
tion  for  the  university  to  enforce  policy- 
based  access  for  students  and  staff. 
Candidates  with  NAC-style  options  under 
review  are  TippingPoint,  Juniper,  Cisco  and 
Microsoft,  among  others. 

Cisco’s  success  in  the  security  market  is 
unlikely  to  abruptly  slow  down,  says  Andrew 
Hanson,  associate  research  analyst  for  net¬ 
work  security  and  endpoint  security  at  IDC. 
But  he  notes  that  the  firewall  market,  where 
Cisco  dominates,  is  expected  to  start  declining 
this  year,  possibly  displaced  by  multipurpose 
UTM-style  products. 

Will  Cisco  be  able  to  hold  the  security  fort? 
“Cisco  is  a  giant  and  is  always  going  to  be  a 
player,”  Hanson  says.B 
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Running  business  apps  on  servers  that  aren’t  scalable,  along  with  demanding 
service  levels,  is  consuming  energy  at  an  exponential  rate.  Break  the  cycle 
with  highly  scalable  IBM  servers.  IBM  PowerVM™  virtualization  technology 
can  help  you  consolidate  workloads  from  twelve  single-application  16-core 
HP  Integrity  rx7640  systems  onto  two  16-core  Power™  570  systems  for  up  to 
18%  higher  performance  and  reduced  energy  requirements  of  up  to  44%’.  A 
greener  world  starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Learn  how  to  improve  app  performance  at  ibm.com/green/performance 


’For  complete  details,  go  to  ibm.com/green/claim.  IBM,  the  IBM  logo,  ibm.com,  PowerVM  and  IBM  Power  570  are  trademarks  of  International  Business  Machines  Corporation,  registered  in  many  jurisdictions 
worldwide.  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at  "Copyright  and  trademark  information"  at  www.ibm.com/legal/copytrade.shtml.  ©  2008  IBM  Corporation.  All  rights  reserved. 
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How  Do  You  Monitor, 


Power  In-Feeds? 
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With  Sentry™! 


n 


i  i 


Switched  &  Smart  3-Phase  Power  Distribution  Units 


Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 


>  High  Power  Distribution: 

208V  3-Phase  30A/60A  or  400V  3-Phase  16A/32A 

>  Flexible  Mounting: 

Zero  U  or  Modular  mounting  inside  the  cabinet 

>  Delta  or  Wye  In-Feeds: 

Wye  in-feeds  can  also  provide  120V  power  outputs 

>  Multiple  Outlet  Types: 

IEC  Cl  3,  Cl  9  &  NEMA  5-20R  outlets  in  multiple 
configurations 

>  Local  Current  LED's: 

Verification  of  input  current  and  for  load  balancing. 

>  Environmental  Monitoring: 

External  temperature  &  humidity  probes. 

>  Linking: 

Links  (2)  units  with  (1)  IP  address  for  Remote  Monitoring 

>  Remote  Control,  Monitoring  and  Security: 

Web  interface,  SSL,  SSH,  Telnet,  SNMP,  FTP,  SNTP,  Syslog, 
LDAP  &  LDAPS,  TACACS+  &  RS-232  access 


Server  Technology,  Inc.  I  Headquarters 

1040  Sandhill  Drive  tf  +1.800.835.1515 

Reno,  NV  89521 -USA  tel  +1.775.284.2000 

www.servertech.com  *ax  +1-775.284.2065 

www.servertechblog.com  sales@servertech.com 


Instantly  Search  Terabytes  of  Text 

♦  over  two  dozen  indexed,  unindexed,  fielded  data  and  full-text  search  options 

♦  supports  hundreds  of  international  languages 

♦  file  parsers  /  converters  for  hit-highlighted  display  of  all  popular  file  types 

♦  Spider  supports  static  and  dynamic  web  data;  highlights  hits  while  displaying 
links,  formatting  andjmages  intact 

♦  API  supports  .NET,  C++,  Java,  SQL,  etc.  New  .NET  Spider  API 


The  Smart  Choice  for  Text  Retrieval®  since  1991 


♦  "Bottom  line:  dtSearch  manages  a  terabyte  of  text  in  a  single  index 

and  returns  results  in  less  than  a  second"  -  InfoWorld 

♦  "For  combing  through  large  amounts  of  data,"  dtSearch  "leads  the  market" 

-  Network  Computing 

♦  dtSearch  "covers  all  data  sources  ...  powerful  Web-based  engines"  -  eWEEK 

♦  dtSearch  "searches  at  blazing  speeds"  -  Computer  Reseller  News  Test  Center 

See  www.dtsearch.com  for  hundreds  more  reviews, 
and  hundreds  of  developer  case  studies 

Contact  dtSearch  for  fully-functional  evaluations 


1-800-IT-FINDS  •  www.dtsearch.com 
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Global  IT  Equipment  Exchange 

Major  IT  and  Network  Computing 
Equipment  Auctions  of  HR  IBM  and 
Compaq  P4  Laptops  and  Desktops,  Cisco 
Firewall  &  Switches,  Servers,  and  More 


Online  Auctions 


O  MERCK 


microsystems 


UNITED  STATES 
POSTAL  SERVICE 


% 

Scientific 

Atlanta 


Featured  Items: 

•  (40+)  SUN  FIRE  X4600  R  &  M2  Servers 

•  (40+)  SUN  FIRE  X4100  Servers 

•  (40+)  Sun  SE5300  RAID  Array,  2TB 
(new  in  box) 

•  (45+)  SUN  FIRE  X2100  Servers 

•  (60+)  Sun  V60X  &  V40Z  Servers 

*(50+)  Sun  SE3311  &SE3511  RAID  Array 

•  (50)  SUN  FIRE  X4200  Servers 

•  (60+)  Sun  LCD  Monitors;  17"  to  24" 

•  (60+)  SUN  ULTRA  40  &  20  Workstations 

•  Compaq  P3  &  P4  Laptop  Computers 
w/HHDs 

•  Compaq  P3  &  P4  Laptop  Computers 
w/o  HHDs 

•  HP  P4  Desktop  Computers  w/  HHDs; 

1.8  to  2.4  GHz 

•  HP  P4  Desktop  Computers  w/o  HHDs; 
1.8  to  2.4  GHz 

Assortment  of: 

•  Large  Quantity  of  HP  Laser  and 
Dot  Matrix  Printers 

•  Large  Quantity  of  Phone  Systems, 

LCD  Monitors,  &  IT  Equipment 
including  IBM  and  HP  Laptops 

•  IBM,  HP  and  SGI  Servers 

•  Cisco  Network  Switches 


Auction  Calendar: 

IT  Exchange  #166 

Auction  Begins:  Nov.  17, 2008  at  1:00  am  PT 
Auction  Ends:  Nov.  18, 2008  at  6:00  pm  PT 

IT  Exchange  #167 

Auction  Begins:  Dec.  1, 2008  at  1 :00  am  PT 
Auction  Ends:  Dec.  2,  2008  at  6:00  pm  PT 

IT  Exchange  #168 

Auction  Begins:  Dec.  15,  2008  at  1:00  am  PT 
Auction  Ends:  Dec.  16,  2008  at  6:00  pm  PT 


To  view  and  bid  on 
the  lots,  please  visit 

www.Go-Dove.com 


For  further  information,  please  contact: 
CUSTOMER  SERVICE 
Tel:  +1  650  678  3981  (United  States)  or 
+44  (0)  20  7098  3792  (Europe) 

Email:  customerservice@go-dove.com 
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Asset  Soles  and  Valuations  Worldwide 


Efficiently  aggregate  full-duplex  data  into  your  analysis  or  security  device. 


•Supports  10/100/1000 

•  Stream  into  two  different  devices 

•  Rack  mount  up  to  three  across 

•  Supports  all  commercial  analysis  systems 

•  Also  works  with  open-source  tools 

Leam  more.  Visit  www.networkTAPs.com. 


Buffer  options: 

256  MB . $1,295 

512  MB . . . $1,795 

1 1GB . $2,195 


nTAP 


TM 


Choose  from  a  variety  of  configurations,  options,  and  pricing.  Plus  a 
complete  line  of  copper  and  optical  nTAPs  for  full-duplex  analyzer  systems. 
Free  overnight  delivery * 

www.networkTAPs.com  •  1-866-GET-nTAP 


C€  (§>  'K 

'  ^  v  N  'Free  overnight  delivery  on  all  U.S.  orders  over  5295  confirmed  before  12  p.m.  Central  Time. 

©  2008  Network  Instruments,  UC.  nTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  LlC, 


more  bang 

for  your  buck! 


Cablesys  offers  high  performance  fiber 
optic  assemblies  at  competitive  prices. 

High  Performance 

Exceed  Bellcore  GR-326  standard 
<  0.2  dB  insertion  Loss  typical  /  >  55dB(1310)return  loss 
Corning  glass  /  Angle  polish  available 

Wide  Selections 

LC,  SC,  MT-RJ,  F,  ST,  MPO  and  more 
Simplex,  Duplex,  Multi  strand.  OFNR,  OFNP 
Tens  of  Thousands  of  Fiber  jumpers  in  stock!!!! 


QUALITY  •  AFFORDABLE  •  SIMPLE 


cablesys.com/fiber 

Call  us:  800.555.7176/  E-mail  us:  cs@cablesys.com 


11/17/08  MARKETPLACE 


M ARKFTPI AHF  11/17/08 


15  Amp  Model 


SALE  PRiOE 


20  Amp  Model  Also  Available! 


SHOWS:  Volts,  Amps,  Watt,  VA, 
Frequency,  Power  Factor  &  KWH 


advice  |  news  f  tips 


Subscribe  to  Network  World's  free  e-newsletters. 

Network  World  offers  more  than  50  technology  specific 
e-mail  newsletters,  written  by  experienced  editors  and  industry 
experts.  You  can  sign  up  for  any  of  our  newsletters  by  going  to 

www.networkworld.com/nlsub 
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•  Physical  Security 

•  Video 

•  Temperature 

•  Power  Problems 

•  Water  on  the  Floor 

•  Humidity 

•  Smoke  and  Fire 

•  And  much  more 


Instant  Notification  by  Phone  or 
E-mail  when  events  threaten  your 
Infrastructure. 
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New  solutions  starting 
at  under  $1,000 

Dealers  Wanted 

Contact  us  today  to  discuss  your  application 


www.ims-4000.com  877-373-2700 


Server  Room 
Climate  &  Power 
Monitoring 


'MicroGoose 

imate  Monitor 


Built-in  Web  Interface 
Temperature  &  Humidity 
Power  over  Ethernet  Enabled 
E-mail  Alarms  &  Escalations 
SNMP,  XML,  HTTP,  HTTPS 
Optional  IP  Web  Cams 


croGoose 


Receive  our  FREE  BOOK 
by  emailing  us  at 
FreeBook@iTWatchDogs.com 
with  your  mailing  address 
or  call  us  at  512-257-1462 


M»y 

SAVE  THE  DATE! 


Mark  your  calendar  to  attend... 


COMING  TO  A  CITY  NEAR  YOU 


IT  ROADMAP  IN  ’08! 


INTERESTED  IN  ATTENDING?  INTERESTED  IN  SPONSORING? 


www.networkworld.com/itr2008 
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Tough  times  and 

These  are  tough  times. Over  the  last  decade 
you  have  most  likely  become  used  to 
some  kind  of  more-or-less  stable  basis  for 
how  your  business  operates.  Sorry  but  that’s  all 
about  to  change  because  the  economy  is  in 
serious  trouble. 

Worse  still,  this  trouble  isn’t  going  to  last  for 
just  a  few  months.  From  what  1  read  and  what 
really  smart  people  tell  me  it  could  take  five  to 
10  years  to  pull  ourselves  out  of  this  slough  of  despond. 

If  you  don’t  believe  me  then  carry  on  as  you  are  and  good  luck  to 
you.  On  the  other  hand  if  you  are  cautious  and  conservative  you  might 
like  to  consider  what  I’m  about  to  outline. 

I  contend  that  despite  decades  of  everyone  and  his  analyst  brother 
espousing  strategic  thinking  in  IT  as  a  better  approach  than  reflexive 
tactical  responses,  the  reality  is  that  most  of  you  have  been  driven  to 
what  might  be  best  described  as  a  set  of  suboptimal  solutions  (what  in 
common  parlance  would  describe  as  seriously  sucky). 

This  started  when  you  saw  a  fire  that  IT  needed  to  address  and  you 
put  it  out.Then  you  saw  another  fire  and  another  and  another  and  so 
you  went  around  putting  out  each  one  in  turn.  In  no  time  at  all  you 
could  point  to  having  successfully  dealt  with  scores  of  fires  but  there 
was  a  big  problem:  Each  extinguished  fire  left  its  unique  footprint  that 
wasn’t  connected  to  any  other  footprint. 

Yes,  indeed!  You  had  created  the  silo  problem:  Lots  of  isolated  pock¬ 
ets  of  technology  You  now  had  (and  probably  still  have)  a  crazy  patch- 
work  of  systems  and  services  that  runs  on  the  edge  of  chaos.  Now 
every  system  change  of  any  consequence  has  knock-on  effects  that 
multiply  the  cost  of  management  and  make  stability  a  nice  fantasy 
So,  what  is  the  solution?  That’s  easy  —  it’s  risk  management.There 


risk  management 

isn’t  one  aspect,  any  single  function  or  operation,  of  any  organization 
that  doesn’t  have  profits  and  losses  associated  with  its  successful  prose 
cution.  In  addition,  there  are  costs  associated  with  its  potential  failure. 

Say  you  have  a  warehousing  operation.  It  has  costs  associated  with 
receiving,  storing,  retrieving  and  shipping  whatever  it  handles.You  can’t 
operate  without  a  warehouse  so  it  has  a  real,  quantifiable  value. 

On  the  other  hand  there  are  risks  associated  with  warehousing  such 
as  not  being  able  to  receive  incoming  goods  efficiently,  taking  too  long 
to  find  goods  that  have  been  stored  or  not  being  able  to  find  them  at 
all . . .  there  are  all  sorts  of  risks  and  each  has  a  quantifiable  value. 

And  there’s  my  point  —  if  you  can’t  quantify  your  risks  then  how  can 
you  possibly  figure  out  where  the  real  fires  are  that  need  to  be  put  out? 

What  risk  analysis  gives  you  is  a  cost  benefit  model.  For  every  work- 
flow  (which  is  really  the  only  thing  that  matters  because  no  step  or 
process  in  an  organization  is  isolated  from  the  overall  flow  of  business) 
there’s  a  value  of  operation  and  a  range  of  costs  of  failure  (I  say  “range” 
because  if  something  goes  wrong  then,  at  the  least,  workflow  could 
pause  and,  at  the  worst,  it  can  catastrophically  stop). 

Your  job  is  to  determine  and  evaluate  every  failure  mode  and  associ¬ 
ate  costs  and  probabilities  with  each  one.  When  you’ve  done  this  exer¬ 
cise  for  every  workflow  in  the  organization  you  will  be  in  a  position  to 
rank  the  risks  in  order  of  value  and  likelihood. 

Now  you,  oh  wickedly  smart  IT  guy  can  look  at  your  budget  and 
weigh  the  value  and  risks  of  every  operation  and  determine  where 
your  limited  funds  should  be  spent.You  may  find  that  the  expected 
upside  from  new  development  projects  is  less  valuable  than,  say 
improving  storage  reliability.  And  that  will,  next  week,  lead  us  into  the 
politics  of  tough  times. 

Gibbs  can  be  reached  at  backspin@gibbs.com. 
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‘Synergy-related  headcount  restructuring’ 


Even  the  word  layoff  is  a  euphemism, when 
you  think  about  it.Yes,  it  can  serve  to  draw 
a  distinction  between  budget-based  and 
performance-based  termination,  but  not  many 
laid-off  workers  get  recalled  to  their  old  jobs 
these  days. 

And  while  certainly  nothing  new,  the  art  of 
dodging  plain  English  when  it  comes  to 
describing  mass  firings  continues  to  advance, 
so  to  speak,  as  the  ongoing  economic  crisis 
piles  mass  firings  one  on  top  of  another.  For  example,  here’s  a  headline 
on  a  press  release  forwarded  to  me  last  week:“Nokia  Siemens 
Networks  enters  final  stage  of  synergy-related  headcount  restructuring.” 

“Hi,  honey,  I’m  afraid  1  have  bad  news:  I’ve  been  synergy-related 
headcount  restructured.” 

A  tone-deaf  Nokia  Siemens  public  relations  department  even  went 
so  far  as  to  put  the  mealy  mouthed  words  on  the  lips  of  company 
CEO  Simon  Beresford-Wylie:“With  the  successful  completion  of  these 
plans,  we  will  have  the  vast  majority  of  the  synergy-related  headcount 
reductions  completed  and  we  can  then  start  to  put  this  chapter  of  our 
history  behind  us  and  focus  on  creating  a  world-class  company!’ 

A  world-class  company  might  start  by  referring  to  3,000  individuals 
about  to  become  unemployed  as  people  instead  of  “headcount,”  and 
their  company-issued  trauma  as  a  business  decision  instead  of  an 
inalienable  force  of  nature. 

After  reading  the  Nokia  Siemens  release,  I  set  off  searching  for  other 
recent  examples  of  companies  resorting  to  euphemism  instead  of 
calling  layoffs  simply  layoffs. That  didn’t  take  long  because  the  first 
item  I  found  via  a  Google  News  search  was  a  story  by  Fortune  maga¬ 
zine  writer  Yi-Wyn  Yen,  who  had  the  same  idea  only  sooner. 

Among  the  examples  he  noted  are  American  Express  CEO  Kenneth 


Chenault’s  use  of  “reengineering  plan”  (7,000  layoffs);  Fidelity 
Investments’  Rodger  Lawson  resorting  to  “cost  improvement  plans” 
(1,300  fired);  and, Tesla  Motors  CEO  Elon  Musk  calling  a  10%  reduc¬ 
tion  in  in  his  workforce  part  of  a  “special  forces  philosophy 

The  Fortune  story  also  features  doublespeak  defenders. 

“When  you’re  doing  something  bad  to  someone,  it  helps  to  use  vague 
language  to  distance  yourself,”  says  one  expert.  And  then  this: 
“Companies  have  to  reassure  the  people  who  are  left  that  there’s  a  plan 
in  place. . . .  People  see  through  what  executives  say  but  what  unnerves 
people  the  most  is  believing  that  nobody  has  control  over  anything.” 

So  let  me  get  this  straight:  Seeing  your  CEO  spew  obvious  baloney 
—  insulting  baloney  no  less  —  creates  a  sense  that  he  or  she  wasn’t 
personally  responsible  and  that  someone  is  in  charge? 

All  it  tells  me  is  that  someone  thinks  I’m  an  idiot. 

Gonsumerist  for  sale,  Valleywag  no  more 

It’s  not  only  brick-and-mortar  companies  having  a  hard  time,  as  last 
week  saw  blog  maker  Gawker  Media  fold  one  of  its  most  notorious 
properties, Valleywag,  and  put  up  for  sale  perhaps  its  best, The 
Consumerist. 

The  latter  really  does  deserve  a  good  home,  given  its  demonstrated 
flare  for  comforting  afflicted  consumers  and  afflicting  comfortable 
corporations,  all  in  an  entertaining  and  educational  manner  that  has 
attracted  a  loyal  audience.  Whether  that’s  enough  to  make  a  buck  is 
apparently  another  matter  altogether,  although  it  ought  to  be  a  good 
start  in  the  right  hands. 

I’m  a  little  short  on  cash  at  the  moment,  but  perhaps  one  of  you  can 
step  up  here. 

Have  a  euphemistic  favorite  of  your  own?  The  address  is 
buzz@nww.com. 


NET 

News,  Insights,  oddities 


54  •  NOVEMBER  17,  2008  •  www.networkworld.com 


What  mad  genius  is  behind  this? 
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Coverage  not  available  everywhere.  Network  details  &  coverage  maps  at  vzw.com.  BlackBerry*  RIM,'  Research  In  Motion,'  SureType  and  related  trademarks,  names  and  logos  are  the  property  of  Research  In  Motion 
Limited  and  are  registered  and/or  used  in  the  U.S.  and  countries  around  the  world,  v  2008  Verizon  Wireless. 
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between  cost  and  innovation,  while  delivering  reliable  ProLiant  technology,  all  at 
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